vip.disksusiangka.info Open in urlscan Pro
172.96.191.134 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vip.disksusiangka.info/
Submission: On February 06 via api (February 6th 2024, 8:46:56 pm UTC) from US — Scanned from US

Summary HTTP 2777 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 91 domains to perform 2777 HTTP transactions. The main IP is 172.96.191.134, located in Singapore, Singapore and belongs to LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG. The main domain is vip.disksusiangka.info.
TLS certificate: Issued by R3 on February 3rd 2024. Valid for: 3 months.

This is the only time vip.disksusiangka.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 132	172.96.191.134 172.96.191.134	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
111	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
72	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
617	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
16	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
119	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25 435	85.187.128.38 85.187.128.38	55293 (A2HOSTING) (A2HOSTING)
8	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
154	54.39.128.117 54.39.128.117	16276 (OVH) (OVH)
98	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
82	13.224.214.70 13.224.214.70	16509 (AMAZON-02) (AMAZON-02)
71	3.13.249.153 3.13.249.153	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	13.224.214.92 13.224.214.92	16509 (AMAZON-02) (AMAZON-02)
47	2606:4700:20:... 2606:4700:20::681a:c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12 16	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
5 9	23.37.113.114 23.37.113.114	16625 (AKAMAI-AS) (AKAMAI-AS)
47	18.238.4.90 18.238.4.90	16509 (AMAZON-02) (AMAZON-02)
2	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
212	23.48.224.78 23.48.224.78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 12	3.230.62.22 3.230.62.22	14618 (AMAZON-AES) (AMAZON-AES)
6 7	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
1 25	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	34.193.93.235 34.193.93.235	14618 (AMAZON-AES) (AMAZON-AES)
7 7	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
10 10	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	18.239.225.91 18.239.225.91	16509 (AMAZON-02) (AMAZON-02)
2 2	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
6 47	44.216.155.178 44.216.155.178	14618 (AMAZON-AES) (AMAZON-AES)
1 2	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.211.137.235 18.211.137.235	14618 (AMAZON-AES) (AMAZON-AES)
1 2	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
3 5	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
41	13.224.214.83 13.224.214.83	16509 (AMAZON-02) (AMAZON-02)
2 41	18.209.194.141 18.209.194.141	14618 (AMAZON-AES) (AMAZON-AES)
1 4	3.20.160.213 3.20.160.213	16509 (AMAZON-02) (AMAZON-02)
1 2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	172.96.191.132 172.96.191.132	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	23.7.64.229 23.7.64.229	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
29	34.238.108.239 34.238.108.239	14618 (AMAZON-AES) (AMAZON-AES)
26	18.238.4.68 18.238.4.68	16509 (AMAZON-02) (AMAZON-02)
9 30	50.16.49.58 50.16.49.58	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2606:4700:10:... 2606:4700:10::ac43:28ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
3	2606:4700:303... 2606:4700:3036::ac43:a392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	18.238.4.13 18.238.4.13	16509 (AMAZON-02) (AMAZON-02)
3 3	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 2	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	51.222.241.100 51.222.241.100	16276 (OVH) (OVH)
2 3	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
8 8	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
3 3	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
15 30	3.224.184.174 3.224.184.174	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550f:6f5e:c54f:5770:5695	14618 (AMAZON-AES) (AMAZON-AES)
3 3	52.86.247.135 52.86.247.135	14618 (AMAZON-AES) (AMAZON-AES)
1	18.238.4.107 18.238.4.107	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::300 2a04:4e42::300	54113 (FASTLY) (FASTLY)
1 1	174.129.90.144 174.129.90.144	14618 (AMAZON-AES) (AMAZON-AES)
4 5	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.230.91.215 3.230.91.215	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:9000:20e... 2600:9000:20ed:8c00:1a:609a:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 22	54.236.130.106 54.236.130.106	14618 (AMAZON-AES) (AMAZON-AES)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
20 20	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700:303... 2606:4700:3036::6815:db7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:817::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80c::200a	15169 (GOOGLE) (GOOGLE)
1 2	34.232.140.51 34.232.140.51	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 1	51.158.28.83 51.158.28.83	12876 (Online SAS) (Online SAS)
1 2	51.15.145.116 51.15.145.116	12876 (Online SAS) (Online SAS)
1 1	13.226.52.100 13.226.52.100	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
1 1	44.197.1.96 44.197.1.96	14618 (AMAZON-AES) (AMAZON-AES)
1 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1	18.238.4.51 18.238.4.51	16509 (AMAZON-02) (AMAZON-02)
32	99.83.181.31 99.83.181.31	16509 (AMAZON-02) (AMAZON-02)
2 2	54.173.232.72 54.173.232.72	14618 (AMAZON-AES) (AMAZON-AES)
3	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2 18	2606:4700:303... 2606:4700:3034::6815:19cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2001	() ()
2 2	104.18.20.134 104.18.20.134	() ()
2 2	44.197.18.83 44.197.18.83	() ()
1	2606:4700:303... 2606:4700:3033::6815:e31	() ()
2777	70

132 172.96.191.134 (Singapore, Singapore) 7 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.134-static.reverse.arandomserver.com

vip.disksusiangka.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.badutprediction.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zona-bermain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

111 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

617 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4is.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

119 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

435 85.187.128.38 (Singapore, Singapore) 25 redirects

ASN55293 (A2HOSTING, US)
PTR: sg1-tr1.supercp.com

vip.pangkalanhdgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.zona88.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bungaprediction.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.zonaprediction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.bungaprediction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.zonafantasi.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.poltar2d.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

154 54.39.128.117 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns561935.ip-54-39-128.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 13.224.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-70.phl50.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 3.13.249.153 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-249-153.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.224.214.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-92.phl50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 141.94.171.213 (France) 12 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.113.114 (Secaucus, United States) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-113-114.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 18.238.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-90.phl51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

212 23.48.224.78 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-78.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.230.62.22 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-62-22.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.81.226 (Plainview, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.93.235 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-93-235.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 68.67.160.137 (Jersey City, United States) 7 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.223.40.198 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.225.91 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-225-91.mia3.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.38.167.130 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 44.216.155.178 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-155-178.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.137.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-137-235.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.24 (United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.154.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 13.224.214.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-83.phl50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 18.209.194.141 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-194-141.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.20.160.213 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-160-213.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.96.191.132 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.132-static.reverse.arandomserver.com

vip.roomangkasa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vip.velbettgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.7.64.229 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-64-229.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.225.218.10 (Ashburn, United States) 8 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 34.238.108.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-108-239.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 18.238.4.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-68.phl51.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 50.16.49.58 (Ashburn, United States) 9 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-49-58.compute-1.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:28ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:a392 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.4.13 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-13.phl51.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.241.100 (Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-011.roqad.pl

wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 162.19.138.82 (Frankfurt am Main, Germany) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 3.224.184.174 (Ashburn, United States) 15 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-184-174.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nlsn.thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:6f5e:c54f:5770:5695 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.86.247.135 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-247-135.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-107.phl51.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.90.144 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-90-144.compute-1.amazonaws.com

pixel.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.0.156.250 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.91.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-91-215.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:8c00:1a:609a:6780:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 54.236.130.106 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-130-106.compute-1.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.236.220.17 (Washington, United States) 20 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3036::6815:db7 (United States)

ASN13335 (CLOUDFLARENET, US)

rankcrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80c::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.140.51 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com

tag.crsspxl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.28.83 (Paris, France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: online-prod.ipsfailover.com

map.cookieless-data.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.15.145.116 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: online-prod.ipsfailover.com

map.sddan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.52.100 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-52-100.mia3.r.cloudfront.net

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.1.96 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-1-96.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipus.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-51.phl51.r.cloudfront.net

cdn.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.173.232.72 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-232-72.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3034::6815:19cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tabelpakde.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2001 (None, )

ASN- ()

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.134 (None, ) 2 redirects

ASN- ()

idsync.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.197.18.83 (None, ) 2 redirects

ASN- ()

thrtl.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:e31 (None, )

ASN- ()

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
617	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	529 MB
294	poltar2d.info 24 redirects vip.poltar2d.info	3 MB
289	histats.com s4is.histats.com — Cisco Umbrella Rank: 634486 s10.histats.com — Cisco Umbrella Rank: 14576 s4.histats.com — Cisco Umbrella Rank: 14129	774 KB
287	sharethis.com 1 redirects pd.sharethis.com — Cisco Umbrella Rank: 12612 t.sharethis.com — Cisco Umbrella Rank: 5730 sync.sharethis.com — Cisco Umbrella Rank: 2756	701 KB
202	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5021 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5129	601 KB
111	badutprediction.info 7 redirects vip.badutprediction.info	2 MB
111	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	2 MB
98	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16248 t.dtscout.com — Cisco Umbrella Rank: 13665	160 KB
83	zonaprediction.com vip.zonaprediction.com	871 KB
72	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	3 MB
64	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 671 ce.lijit.com — Cisco Umbrella Rank: 859 cdn.lijit.com	55 KB
48	liadm.com 6 redirects i.liadm.com — Cisco Umbrella Rank: 550 i6.liadm.com — Cisco Umbrella Rank: 2884	27 KB
47	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14516	20 KB
45	w.org s.w.org — Cisco Umbrella Rank: 3198	24 KB
42	crwdcntrl.net 9 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 sync.crwdcntrl.net — Cisco Umbrella Rank: 853 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	132 KB
30	thrtle.com 15 redirects thrtle.com — Cisco Umbrella Rank: 1397 nlsn.thrtle.com	16 KB
30	bungaprediction.top bungaprediction.top	97 KB
29	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 4440	4 KB
26	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1555
25	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	4 KB
20	simpli.fi 20 redirects um.simpli.fi — Cisco Umbrella Rank: 856	8 KB
19	velbettgroup.com vip.velbettgroup.com	41 KB
18	tabelpakde.com 2 redirects tabelpakde.com — Cisco Umbrella Rank: 382077	274 KB
16	onaudience.com 12 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3060	6 KB
14	zona88.top 1 redirects vip.zona88.top	126 KB
12	eyeota.net 5 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	6 KB
12	disksusiangka.info vip.disksusiangka.info	125 KB
10	adsrvr.org 10 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	4 KB
9	zona-bermain.com zona-bermain.com	25 MB
9	bluekai.com 5 redirects tags.bluekai.com — Cisco Umbrella Rank: 727 stags.bluekai.com — Cisco Umbrella Rank: 940	3 KB
8	id5-sync.com 8 redirects id5-sync.com — Cisco Umbrella Rank: 425	11 KB
8	yahoo.com 8 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	2 KB
8	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2022	34 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	150 KB
7	zonafantasi.info vip.zonafantasi.info	17 KB
7	roomangkasa.top vip.roomangkasa.top	17 KB
7	adnxs.com 7 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	7 KB
7	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	1 KB
6	rankcrack.com rankcrack.com	8 KB
5	exelator.com 4 redirects loadus.exelator.com — Cisco Umbrella Rank: 1531 loadm.exelator.com — Cisco Umbrella Rank: 1780	4 KB
5	bungaprediction.com w1.bungaprediction.com	1 KB
5	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451	1 KB
4	smadex.com 4 redirects cm.smadex.com — Cisco Umbrella Rank: 3096	2 KB
4	zeotap.com 2 redirects spl.zeotap.com — Cisco Umbrella Rank: 3325 mwzeom.zeotap.com — Cisco Umbrella Rank: 3434	2 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	192 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2267 pbid.pro-market.net — Cisco Umbrella Rank: 8214	1 KB
3	bidr.io 3 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	1 KB
3	everesttech.net 3 redirects rtd-tm.everesttech.net — Cisco Umbrella Rank: 3124 sync-tm.everesttech.net — Cisco Umbrella Rank: 716	851 B
3	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583 dmp.adform.net — Cisco Umbrella Rank: 3041	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
3	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 22509	1 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 7362	2 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13409 ic.tynt.com — Cisco Umbrella Rank: 11236 de.tynt.com — Cisco Umbrella Rank: 1526	9 KB
2	imrworldwide.com 2 redirects thrtl.redinuid.imrworldwide.com	609 B
2	reson8.com 2 redirects idsync.reson8.com	590 B
2	blogspot.com 1.bp.blogspot.com	25 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	3 KB
2	semasio.net 2 redirects uipus.semasio.net — Cisco Umbrella Rank: 7052	1 KB
2	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	942 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5392	633 B
2	sddan.com 1 redirects map.sddan.com — Cisco Umbrella Rank: 16487	2 KB
2	crsspxl.com 1 redirects tag.crsspxl.com — Cisco Umbrella Rank: 5357	702 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1347	737 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1870	556 B
2	33across.com 1 redirects dp2.33across.com — Cisco Umbrella Rank: 12127 dp1.33across.com — Cisco Umbrella Rank: 7249	564 B
2	krxd.net usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	126 B
2	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 790	827 B
2	rfihub.com 2 redirects p.rfihub.com — Cisco Umbrella Rank: 841	2 KB
2	rezync.com 2 redirects live.rezync.com — Cisco Umbrella Rank: 1645	2 KB
2	pangkalanhdgroup.com vip.pangkalanhdgroup.com	5 KB
1	dtsedge.com dtsedge.com	445 B
1	postrelease.com 1 redirects jadserve.postrelease.com — Cisco Umbrella Rank: 1144	539 B
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704	426 B
1	cookieless-data.com 1 redirects map.cookieless-data.com — Cisco Umbrella Rank: 16546	666 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	673 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	658 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 9630	544 B
1	shareaholic.com 1 redirects pixel.shareaholic.com — Cisco Umbrella Rank: 26442	511 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 646	412 B
1	userreport.com audex.userreport.com — Cisco Umbrella Rank: 4929	433 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381	444 B
1	rqtrk.eu wt.rqtrk.eu — Cisco Umbrella Rank: 1452	350 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	360 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 6188	16 KB
0	btrll.com Failed geo-um.btrll.com Failed
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
0	zona-angka.top Failed zona-angka.top Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
2777	91

	Domain	Requested by
617	blogger.googleusercontent.com	vip.disksusiangka.info vip.badutprediction.info vip.zona88.top vip.zonaprediction.com vip.poltar2d.info
294	vip.poltar2d.info	24 redirects vip.zonaprediction.com vip.poltar2d.info
212	t.sharethis.com	pd.sharethis.com t.sharethis.com vip.disksusiangka.info vip.badutprediction.info vip.zona88.top vip.roomangkasa.top vip.zonaprediction.com
154	s4.histats.com	s10.histats.com
119	s10.histats.com	vip.disksusiangka.info s10.histats.com vip.badutprediction.info vip.pangkalanhdgroup.com vip.zona88.top vip.roomangkasa.top vip.zonaprediction.com w1.bungaprediction.com vip.zonafantasi.info vip.poltar2d.info vip.velbettgroup.com
111	vip.badutprediction.info	7 redirects vip.disksusiangka.info vip.badutprediction.info
111	cdn.jsdelivr.net	vip.disksusiangka.info vip.badutprediction.info vip.zona88.top vip.zonaprediction.com vip.poltar2d.info
83	vip.zonaprediction.com	vip.badutprediction.info vip.zonaprediction.com
82	get.s-onetag.com	e.dtscout.com get.s-onetag.com
72	maxcdn.bootstrapcdn.com	vip.disksusiangka.info maxcdn.bootstrapcdn.com vip.badutprediction.info vip.zona88.top vip.zonaprediction.com vip.poltar2d.info
71	pd.sharethis.com	e.dtscout.com vip.disksusiangka.info t.sharethis.com vip.pangkalanhdgroup.com vip.badutprediction.info vip.zona88.top vip.roomangkasa.top vip.zonaprediction.com w1.bungaprediction.com vip.zonafantasi.info
51	e.dtscout.com	s4.histats.com
47	i.liadm.com	6 redirects vip.disksusiangka.info vip.badutprediction.info vip.zonaprediction.com vip.poltar2d.info
47	onetag-geo.s-onetag.com	get.s-onetag.com
47	t.dtscdn.com	e.dtscout.com
47	t.dtscout.com	e.dtscout.com
45	s.w.org	vip.zona88.top vip.badutprediction.info vip.poltar2d.info
41	ap.lijit.com	2 redirects vip.disksusiangka.info get.s-onetag.com
41	data-beacons.s-onetag.com	get.s-onetag.com
32	connect-metrics-collector.s-onetag.com	get.s-onetag.com
30	bungaprediction.top	vip.pangkalanhdgroup.com vip.roomangkasa.top vip.zonafantasi.info vip.velbettgroup.com
29	track2.securedvisit.com	data-beacons.s-onetag.com
28	thrtle.com	15 redirects bcp.crwdcntrl.net vip.disksusiangka.info data-beacons.s-onetag.com vip.badutprediction.info vip.zonaprediction.com
26	api.intentiq.com	data-beacons.s-onetag.com
25	px.ads.linkedin.com	1 redirects vip.disksusiangka.info vip.badutprediction.info vip.zonaprediction.com vip.poltar2d.info
22	ce.lijit.com	1 redirects vip.disksusiangka.info vip.badutprediction.info vip.zonaprediction.com vip.poltar2d.info
20	um.simpli.fi	20 redirects
19	vip.velbettgroup.com	vip.poltar2d.info
18	tabelpakde.com	2 redirects vip.poltar2d.info tabelpakde.com
17	sync.crwdcntrl.net	5 redirects bcp.crwdcntrl.net vip.disksusiangka.info
16	pixel.onaudience.com	12 redirects e.dtscout.com
16	s4is.histats.com	vip.disksusiangka.info vip.badutprediction.info vip.zona88.top vip.zonaprediction.com
14	vip.zona88.top	1 redirects vip.disksusiangka.info vip.zona88.top
13	bcp.crwdcntrl.net	4 redirects tags.crwdcntrl.net vip.badutprediction.info bcp.crwdcntrl.net
12	ps.eyeota.net	5 redirects vip.disksusiangka.info vip.pangkalanhdgroup.com vip.badutprediction.info data-beacons.s-onetag.com
12	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
12	vip.disksusiangka.info	vip.disksusiangka.info
10	match.adsrvr.org	10 redirects
9	zona-bermain.com	vip.badutprediction.info vip.zona88.top
8	id5-sync.com	8 redirects
8	secure.gravatar.com	vip.disksusiangka.info vip.badutprediction.info
7	vip.zonafantasi.info	vip.zonaprediction.com
7	vip.roomangkasa.top	vip.badutprediction.info
7	cm.g.doubleclick.net	6 redirects bcp.crwdcntrl.net
7	tags.bluekai.com	3 redirects vip.disksusiangka.info tags.bkrtx.com bcp.crwdcntrl.net
6	rankcrack.com	w1.bungaprediction.com rankcrack.com ajax.googleapis.com
5	ajax.googleapis.com	rankcrack.com vip.badutprediction.info
5	w1.bungaprediction.com	vip.badutprediction.info vip.poltar2d.info
5	idsync.rlcdn.com	3 redirects vip.disksusiangka.info bcp.crwdcntrl.net
5	secure.adnxs.com	5 redirects
4	loadm.exelator.com	4 redirects
4	cm.smadex.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	cms.analytics.yahoo.com	4 redirects
4	sync.sharethis.com	1 redirects vip.disksusiangka.info
3	code.jquery.com	vip.poltar2d.info
3	match.prod.bidr.io	3 redirects
3	x.bidswitch.net	3 redirects
3	a.dtssrv.com	e.dtscout.com
3	pixel.tapad.com	3 redirects
3	map.go.affec.tv	2 redirects vip.disksusiangka.info
2	nlsn.thrtle.com	vip.badutprediction.info vip.zonaprediction.com
2	thrtl.redinuid.imrworldwide.com	2 redirects
2	idsync.reson8.com	2 redirects
2	1.bp.blogspot.com	tabelpakde.com
2	sync.srv.stackadapt.com	2 redirects
2	uipus.semasio.net	2 redirects
2	x01.aidata.io	1 redirects bcp.crwdcntrl.net
2	pool.admedo.com	2 redirects
2	map.sddan.com	1 redirects bcp.crwdcntrl.net
2	fei.pro-market.net	2 redirects
2	tag.crsspxl.com	1 redirects bcp.crwdcntrl.net
2	fonts.googleapis.com	rankcrack.com
2	rtd-tm.everesttech.net	2 redirects
2	ib.adnxs.com	2 redirects
2	c1.adform.net	2 redirects
2	s.amazon-adsystem.com	1 redirects bcp.crwdcntrl.net
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	mwzeom.zeotap.com	vip.zona88.top bcp.crwdcntrl.net
2	spl.zeotap.com	2 redirects
2	stags.bluekai.com	2 redirects
2	ml314.com	1 redirects vip.disksusiangka.info
2	pippio.com	1 redirects vip.disksusiangka.info
2	p.rfihub.com	2 redirects
2	live.rezync.com	2 redirects
2	vip.pangkalanhdgroup.com	vip.disksusiangka.info vip.zona88.top
1	dtsedge.com	e.dtscout.com
1	cdn.lijit.com	vip.disksusiangka.info
1	sync-tm.everesttech.net	1 redirects
1	dmp.adform.net	bcp.crwdcntrl.net
1	jadserve.postrelease.com	1 redirects
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	map.cookieless-data.com	1 redirects
1	pbid.pro-market.net	bcp.crwdcntrl.net
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	aa.agkn.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	loadus.exelator.com	bcp.crwdcntrl.net
1	pixel.shareaholic.com	1 redirects
1	trc.taboola.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	i6.liadm.com	bcp.crwdcntrl.net
1	d.turn.com	1 redirects
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	sync.outbrain.com	bcp.crwdcntrl.net
1	dis.criteo.com	vip.disksusiangka.info
1	tags.bkrtx.com	pd.sharethis.com
1	dp1.33across.com	vip.disksusiangka.info
1	dp2.33across.com	1 redirects
1	usermatch.krxd.net	vip.disksusiangka.info
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	vip.disksusiangka.info
1	cdn.tynt.com	e.dtscout.com
0	geo-um.btrll.com Failed	bcp.crwdcntrl.net
0	ad.mrtnsvr.com Failed	bcp.crwdcntrl.net
0	zona-angka.top Failed	vip.badutprediction.info
0	sync.search.spotxchange.com Failed	bcp.crwdcntrl.net
2777	118

This site contains links to these domains. Also see Links.

Domain
punyadunia.com
hitamdia.com
idehebat.com
xn--hy1bu3c96bmw0c.com
konsepterbalik.com
obral87.com
serba5kali.com
terbalikdiskon.com
cicaksukses.com
berkatbaik.com
xn--2o2b17yoct94ecia.com
xn--zs5brxj7u.com
ffsukses.com
xn--hg4bo4jmcp8e.com
xn--om2b1fu9h4rpdrq.com
kudasatu.com
xn--i89aqf47kdvhukv.com
xn--oy2b17nw6bbqq49a.com
domainbett.com
nagamaswin.com
vip.velbettgroup.com
vip.zonafantasi.info
vip.egaagroup.top
vip.roomangkasa.top
vip.pangkalanhdgroup.com
vip.zonapools.info
vip.badutprediction.info
vip.track-invest.top
app.track-2d.info
vip.poltar2d.info
vip.gubukprediktor.info
w1.bungaprediction.com
zona-bermain.com
vip.zonaprediction.top
vip.markas-prediktor.info
vip.kaptenoleng.com
vip.ratuprediction.top
vip.zona88.top
kaptenoleng.info
www.histats.com
vip.zona-pools.com
ronangelo.com

Subject Issuer	Validity	Valid
www.vip.disksusiangka.info R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
vip.pangkalanhdgroup.com R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
www.vip.badutprediction.info R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
www.vip.zona88.top R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
webdisk.markas-prediktor.info R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
www.zona-bermain.com.gubukprediction.com R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
www.vip.roomangkasa.top R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
www.vip.zonaprediction.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-03-12` - `2024-04-10`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
gubukprediction.top R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
vip.zonafantasi.info R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
dtssrv.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
www.vip.poltar2d.info R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2024-04-28`	a year	crt.sh
*.rqtrk.eu RapidSSL TLS RSA CA G1	`2023-06-01` - `2024-05-31`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-26` - `2024-06-26`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2024-01-31` - `2025-01-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
rankcrack.com GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
vip.velbettgroup.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2023-03-22` - `2024-04-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
tabelpakde.com E1	`2023-12-24` - `2024-03-23`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
dtsedge.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh

This page contains 246 frames:

Primary Page: https://vip.disksusiangka.info/
Frame ID: 4EB108537861216E4BB8DB35A4841E5D
Requests: 86 HTTP requests in this frame

Frame: https://vip.pangkalanhdgroup.com/poltar.php
Frame ID: BB2EAC75AE4E2BA88CD24DB9FC541D71
Requests: 39 HTTP requests in this frame

Frame: https://vip.badutprediction.info/
Frame ID: C5A03C592E150BB7B9DB00D3DBB41CA6
Requests: 46 HTTP requests in this frame

Frame: https://vip.zona88.top/tabel-shio/
Frame ID: E6681742FF417D68F69304F6B7F5CE50
Requests: 70 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401707252376755089DB59665E5F0C
Frame ID: 26DB10729A5F1216F23B43484AC99A83
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 3D0420035471DEF54284C0ADDB2AAB88
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: FEAF2FEE485A15B13CA67CA4FD23D257
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 64E992E90623057530653AAAC31BFD1F
Requests: 2 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 062091704C0156273650028F701906C8
Requests: 28 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: BBA89DB323871FD0137F385B2F23D5D6
Requests: 64 HTTP requests in this frame

Frame: https://vip.badutprediction.info/live-japan/
Frame ID: EEDBF8BA5694FE9EC6999DBE08920664
Requests: 48 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEITexlY59o2hjs8PMLWZUbw&google_cver=1
Frame ID: EF9B40378C7B54BD8E38645CACB75991
Requests: 1 HTTP requests in this frame

Frame: https://vip.pangkalanhdgroup.com/poltar.php
Frame ID: 70AF71E3619AF15B70BBDE509C127F22
Requests: 32 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 303A92DE20DCB56F4ADC7AC0F8259EC4
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 37DCE2D1125D7ECC17E5E32E492F7299
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 88AED817D1EC0FD564A875740488DAD2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: CF694924A68C75D5C68E2BEF958F177D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: A83AFCEFC0D1B46342C478BED242225A
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: C5392938F0E182A1DBEB6188F71E4612
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38451
Frame ID: 2D186E5893E934E097438A8948C3A9B9
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 635E321622A182A5BD6DCA77BA9EA2C8
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 27314CA0D076E38749164E7D6F4E6EF3
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: EC50C02F128810F2ED364A166DEDA680
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: F149CE1FD63CEDC811A0CA02E4D406E1
Requests: 2 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livejapan.php
Frame ID: 67469AEDB907C4BB7357174EF116CF0D
Requests: 22 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 18E050AD1DD2A40AFE3B4919C71B6D2F
Requests: 22 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: A1B6DE2B1CA4D6AE11CCBD0CA8E37851
Requests: 60 HTTP requests in this frame

Frame: https://vip.badutprediction.info/prediksi-singapore/
Frame ID: B21479641AD4C4FC613124710120143D
Requests: 54 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 40937B80F51549E3311244E421F1B134
Requests: 83 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: AC5751959660E832844752B12B17646B
Requests: 1 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-japan/
Frame ID: 7CCC23251D0CF28CE1952CE09ED6FF3E
Requests: 61 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: D40D7E0F3A7E54A8BF667FB30ECD6BFB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 48E5ACA399ADB9C24B5BCE732945C02F
Requests: 2 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 7B54C845C64F722D54C0129AB42B0BF7
Requests: 24 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=5759
Frame ID: B0B693C39BA48D1263C2E85394AD71AC
Requests: 1 HTTP requests in this frame

Frame: https://rankcrack.com/live-draw-japan.php
Frame ID: 2810A5DADDDD3FB7F0F99319617C657B
Requests: 5 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 776863947E113DF63494FE64DFF57CD0
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 658BCF6324B1238ABEC5613CC2244AE4
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 9318A40F710FEDC9CC0011640E8C662C
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=76693
Frame ID: D9DC4F0DF71DC83EF7B6FC0A5E838644
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 306A9DB874AF38A8CEF7A45B49EE5607
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: C796EB8DD0E1B0596BC81B0BA0C44DCD
Requests: 1 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 1E3C15DDCDEFD60494DB52B1EDBC6EBB
Requests: 83 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 312F3D20A9CCBC1EB293CFEBDE0A6462
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: B591A1379F3ABBD88A7E2CE491FAC79D
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: B08C681E8CBBB9229272BEEF7189D124
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-japan/
Frame ID: A6AF55FA295E8B2B609581D041E8DD38
Requests: 59 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 73B5F93A9F3B99D6BDCAB173D5A5042C
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 3A6A2D55D84BB5012FDCE3E856E99D99
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 401CC8175FE46A13C358F32138455C02
Requests: 2 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 9733CB22C29C0CE3DF011BC9A5C1411F
Requests: 20 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 788F9C0C45A548F0CFDBC6B66571FC17
Requests: 58 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: BE916DFB46E0D757F2C21DFB2BFA251E
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 4B90A8220653BC6F04F6249B5D66F07E
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=76406
Frame ID: 9B57E7378B4892C3D42F49A249D48DDA
Requests: 1 HTTP requests in this frame

Frame: https://vip.badutprediction.info/prediksi-cambodia/
Frame ID: E2037BD5A65A72353874BAF208D35764
Requests: 44 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 878F91B30D1C0A3417D310A178EFC288
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 0A2A3F1C11DE7A915AA1D595FD838F84
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 415129E710A66B027690587C4FC75EBF
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49058
Frame ID: 36B7EFC0B5C88C30BF1EFAC1C45C2E1E
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: EDE63F1207D3D42BC8B1ABF6CA5F40A3
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 82F4EBEF4D668C7808E35FB14B0C5167
Requests: 1 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: E189C12CE03131A9E0A526FC4DB79916
Requests: 32 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 279C017668DA35C3BFE27CF79837E1E5
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 9C7B4D7537246BF0AA54347C04B63CBD
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-taiwan/
Frame ID: A843B2430AE8F3083CA678190E3A95EE
Requests: 55 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=25006
Frame ID: A97FA06E5938B89E06AAE68E073E06D0
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 7E52496356EE3C1DE8FB56B8983399CE
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 341AD25F170A8506684133F61D346F2C
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 5CCCA9E6C65B07872CDA69ABBCE5AB3C
Requests: 15 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: 5C0BA3243D316673312F19C082202D55
Requests: 16 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 6D61539C31C16C0CF31DACA02B9C8AAE
Requests: 51 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93415
Frame ID: 6CBF0AA8FCB1625864915EEEFE75056C
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: F6B6374B83F2FAB91B5BEC2CD1CB254C
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 69A7EF0B78B866789BAA54494D88887B
Requests: 2 HTTP requests in this frame

Frame: https://vip.badutprediction.info/prediksi-taiwan/
Frame ID: 4C03EEBCD6514AAFD3763D02C43DDAAD
Requests: 37 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 6A78E1C4EAA98A3FA0A1205404A3926B
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 89D58AAE6052D93CE676CE1C105692A6
Requests: 13 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 3D624EF2A7DB8B42DAB6F372EFCA2EF9
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 1DB61D51EB6E09A70D77E076B37CCE03
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 08B6A4926A524C1FFC9D8E4233EDCC12
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: CD506C87F686427B691AF39512F7FE62
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: BC03D1947440181DED41C9B93BF8B5B6
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 19F8A991FE11EAF6843430E0D9EEFCBB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: CA6FD57ABA4E5A0EB6DA49B51C780AB4
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 35B273FE147E1255280A42EAA432B75C
Requests: 1 HTTP requests in this frame

Frame: https://vip.poltar2d.info/generator-line-angka/
Frame ID: C47FB35C3885A5732AD65BCD2E93B111
Requests: 55 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: F6A58FC2EB1DC9BB4768F4055024C57D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: A424713051D9485B8204D8FFC31021ED
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=72546
Frame ID: 640F63FC0E5D7AA432FC17FDEF9B81DD
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=56114
Frame ID: 848845311BB9520D94F509F9975C1A6B
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 142D8CEBA412148AC993418FF87BEABC
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 9033DCF795AB13EDC9850F5C313A19A3
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 32027E27891CA5FD6977658D47163F4E
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 4BB47DA5AD6F49347FD29E27810B2BAE
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 488587838BE61D1997B28C9CDCA3E0AD
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 5A476DEA605D5CE551E9616B52CAB6EB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 950DC7E2D3C6668796FA85DE426F8D1E
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 273A21CA44587CFE91CD2C88899E8721
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 820BAD07CFC42CCCC3B6CB090847E201
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 340675C9FBC1A95FE0C4780A7B803AFD
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 1A46956241F21D880866DB58726CD685
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 326866C9B1106159F3197A0C02538C87
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 23A7614F45C9A9C055DF90246CF84FF2
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: F08CBE10F51AC7BE894278A6D5255AC0
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: BF94BA47A7D6C10DCFBD8F85C837D81B
Requests: 13 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 6153A24513F6C0CC1AD788A4F641CDE0
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: DBD4693675E858539114B9D2FD97829E
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 498411FB84955C1EB7FC8554737BCAAE
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 649D32FC8C67AA6E47171DF285E8CCCF
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 3F5DED07CA922ED783F1B63BEA8F845F
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: F6A0A4CE108BB04148F0CC597FB39E3E
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 8DDC4058BF5412F45B98B70EBAFEBF15
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 3F0D593476D75C6DF7B891F49DF8377E
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 163EC92CDABE9EA4B251C5A358446B7C
Requests: 13 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 8141BD8E806D99F3D23C7E29A90B6505
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 82B56F51CA7D99E7407E3901BFFE3986
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 536A46CF0C1886A368A2624833BF019B
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: C1FCAE3331197C24FA73D435A98C37C5
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 88416E79EFEB53E49053A15BF849A349
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 035A3E2F7F9ACA571F4213C4EB403CD0
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: B8045BEB9A695E205D9012C8BBA5B4AD
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 6B9887AA1C566E358CD5D1476402F814
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 9685D677C10C4E5A1270368E8C0085D2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 477AE3EAB13F9BBEFBE1040A3193E220
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 42418DB5512FC12227697FBF6B7B5C8A
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: E5DEA63BE751D96D8F2694CCF3361C39
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: C307A3F9BE76C9883655F2129E172202
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 08FA427BF10B7A556219530C55A4A39C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: A8E5C4F7DE2FECB0258E1C2CB8E862A7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: DF722245B1DA5485AA6A71FBEA3DAF17
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 5B53203F9591F504A3D60643F6F92E10
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: A7CD0E298980BEC1D452FAFD610ED449
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 17D538CD830D687F70A2FC2CFC87FDEF
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: ED1986760C02A030A372C37F991FABA0
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: C37154C2A6C19FDFC16B54B3E2223DDB
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: F7D28098927C3C38E08D4A3702190C4E
Requests: 1 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-cambodia/
Frame ID: 0965A6B25F335CA74CDCB759682B8EBB
Requests: 53 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 2F0344E3D27CE6942DE776BD46A826A5
Requests: 27 HTTP requests in this frame

Frame: https://vip.poltar2d.info/rekap-angka-ct/
Frame ID: FAE524D8F351D96B6FC05F6BEDBB3FE8
Requests: 53 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: DE82F92DC3B8BDFCDE3099D8E291C1CF
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/generator-angka/
Frame ID: 1D723F923EC49F5271D776AC28DA41B8
Requests: 52 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: CAAEB626A714F1B6E2ABB4B7BB3E136C
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 89F83D481976690F479DA788E94985E0
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: D1C7A737F2D4C63BE11C5CDCD2475F11
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34571
Frame ID: DA1AFDBB005DCE6898A0652C13C62BC5
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=18439
Frame ID: F60DCE8C1A7594138F8D27CB6DAF7C4E
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 3E22461469181BA0D3087F4E27A2F10A
Requests: 12 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: DC7DA7CCE00F74702654147876724AEB
Requests: 12 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: C90381F949FDAB7261D681C4DD660698
Requests: 49 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: CD568AE9801E10675B845A332E9BD139
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 11770B3E14E783B1F751F42E85BFCE8E
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: D58FEFD0783F22FEDD8E1B2658B17638
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: FEE79C0194FC65FDC42209A127D25706
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 5EC2CFFFC7E3ACDCB266649F8226707F
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 77367F18F6F99F163E4756BC04284A25
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: B11C8F6A8B3B900E390A2DD28087586B
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: A47801F4B05BB5F217C8CF1CBA55A3D3
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: A17BDD508C229C8BB856C18108FC2B2F
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: F57F7A672207DA2ED6022888877E32CD
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: E4FE252E1B167EF5902588ED379A02DD
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 1CAEDF773E812117841B82E5CCAFB78B
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: E4BE0CAB54E80F80DDAD66626D03A0E4
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: BD2B90F767A66485980A36240ACC515E
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 3E3A096F3C3478E92087BA53D7842154
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/buku-mimpi-2d/
Frame ID: F3D94B40F5C58DA589FEB291C20FFA92
Requests: 52 HTTP requests in this frame

Frame: https://vip.badutprediction.info/rekap-angka-3d/
Frame ID: B2C4A44D38F1353883F20A0D9FA12365
Requests: 36 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=48941
Frame ID: 823F4E2134198ECD8C78E2B0E2383800
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=4875
Frame ID: 93CDC47EA22E95EDBC3E0CDC8E6FF159
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=87750
Frame ID: A5582CDD547FF029ADC50CAF43AD3019
Requests: 1 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/live-cambodia.php
Frame ID: 686D3257702DB6A9D17C15BEA3E24C10
Requests: 10 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 2C631759769C297DE3861494EA44FE9B
Requests: 11 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 8109384D5FBC6633DD207F55CC8B59E7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: 8848F4B03391A3AE711F61276A622F7C
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: CF4EEABD3DC711F2F233985F2AC4B875
Requests: 10 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 6F0E3A608281B84E6466D6E09F285166
Requests: 10 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-hongkong/
Frame ID: 4FE2FE389B95E9A61E151ACD1E93A74D
Requests: 51 HTTP requests in this frame

Frame: https://vip.poltar2d.info/rekap-angka-4d/
Frame ID: FAB9FF36E9C6EFE6567BDEBD8D41983F
Requests: 53 HTTP requests in this frame

Frame: https://rankcrack.com/live-draw-cambodia.php
Frame ID: 33B5C0C1DE21B10F9FC5809452D102AC
Requests: 5 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-hongkong/
Frame ID: 0AEB6B253AA534264A2292BDD7332809
Requests: 53 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7CA5EC3E68090E0825654B3A6826C7D5
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: BC3089AB111ADDE4BBE2E6A5D8CFA7D5
Requests: 2 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 4DAE593F161ADB11F7C5CBEE0479853E
Requests: 22 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: F84C1ADAE748E194E20E1D6896DCCFDE
Requests: 11 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 08FF94571D1D9A03C94DD1DE872C268C
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 55C62040FF9D9EF3A447E9300924A42D
Requests: 2 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: C66C3C3B1696301C74549E9122C40F12
Requests: 9 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 2C71426CE88D836D15A075A9CB12AEA6
Requests: 47 HTTP requests in this frame

Frame: https://vip.poltar2d.info/buku-mimpi-4d/
Frame ID: F8DB5EF14652E23C1433FF3444B12133
Requests: 46 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-china/
Frame ID: 8BD6520E517E0F4753BD47F97EF7B21A
Requests: 49 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
Frame ID: ACF7ED4631360AA1B8574DF0D680FFDC
Requests: 1 HTTP requests in this frame

Frame: https://vip.badutprediction.info/rekap-angka-2d/
Frame ID: B45E7A47A60A25F75665002F1B5F197A
Requests: 31 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: AF665318FA6438908B650572C737D578
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 4542914A5B1FB15E5968A8E9FA83E945
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 54DB4D3A0F68E5E18337E7D6BCF8422F
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=50040
Frame ID: 82A36DC5CFDE4830A49857E4294D49AB
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=21175
Frame ID: 1DF0B9B9BC6F1563AD50D028A22D85D1
Requests: 1 HTTP requests in this frame

Frame: https://tabelpakde.com/live-draw-hk/
Frame ID: E9FCEEC55676877A3EC9AAF3562EFFF8
Requests: 9 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 4A5BE021089A2226EB25005A1BA8677A
Requests: 6 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C
Frame ID: 03A634A064C8F7FAA8CC546352A71D21
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-hongkong/
Frame ID: 027B4D5507E2355C22E5E4D98FAC5479
Requests: 46 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: C629274FBE3E9F1A9327ACAD1CABD10C
Requests: 6 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=35995
Frame ID: DAEFC458114B21738FDE9324CFB537EA
Requests: 1 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: 8B7BC9D85EEDCAE927207FE87621EA91
Requests: 21 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 3EB86E431CA9FD767A17873C000D9AAC
Requests: 6 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-sydney/
Frame ID: 3F891B50270A2714308898BA62423071
Requests: 45 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=52962
Frame ID: 81BE716EFD1C864A7E92BAFC3D99FA1F
Requests: 1 HTTP requests in this frame

Frame: https://vip.poltar2d.info/rekap-kumat/
Frame ID: E30249FE79F30B7299C2BBBC3BF54451
Requests: 42 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-japan/
Frame ID: AF9F9629452801FE0DD31019FDB34204
Requests: 42 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: D4ECB2E253D712991C1B4E5D1F038E5B
Requests: 4 HTTP requests in this frame

Frame: https://vip.roomangkasa.top/poltar.php
Frame ID: CC21380BBB61F4817E62C76E1DA91FDD
Requests: 4 HTTP requests in this frame

Frame: https://vip.zonaprediction.com/
Frame ID: 078D7D57DC538E8F29BAF639BEA66BBD
Requests: 42 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 131BCC4B95775B84C3EE547EB7F69E39
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 5CFD86697596A3E23CD88BEDFF7B782F
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-china/
Frame ID: 6361461F59625F263BD9247DDC15B7E4
Requests: 40 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 69C603196824130BF6A3F1B518EE24B6
Requests: 4 HTTP requests in this frame

Frame: https://tabelpakde.com/live-draw-hk/
Frame ID: 7BC1AA8B72806E2E61EBA9CA874206D0
Requests: 9 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: F8FD14B077D88D6C733B741F0443BABE
Requests: 4 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-sydney/
Frame ID: 1E73D5CBFA93D8E697A724BD51727F16
Requests: 40 HTTP requests in this frame

Frame: https://vip.poltar2d.info/paito-warna-taiwan/
Frame ID: F79C7F2D63957B7B37FE7A7662A8DB8E
Requests: 40 HTTP requests in this frame

Frame: https://vip.badutprediction.info/rekap-angka-2d/
Frame ID: 80C39D21B65DDF10FAB0571D95D82443
Requests: 20 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=23373
Frame ID: B85871E3E01898DF250F38ABCC9017B3
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38760
Frame ID: B1316069777167FE3E8C3701F441C806
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=58129
Frame ID: E1C7B3772C42B4E4A03EE3B80914A88C
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: D16A1C2EA5B598EE3D17C8ED85EEF63C
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: CF7F95DD6F4757B599C2E1958570EA56
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=17718
Frame ID: A6D658205A1F3F7EF6893AB8B2D001BB
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 7AF7FA10F7B5426D99B088B333023B95
Requests: 2 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: A36E54AA8CC4594C4E7109D211DD7444
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-cambodia/
Frame ID: AD57C64EC3E4DF2D3EB7687CCE2F253C
Requests: 37 HTTP requests in this frame

Frame: https://vip.zonafantasi.info/poltar.php
Frame ID: DC59861D000818804C4DF28F63F3751E
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=97849
Frame ID: 65BF32BAB3B4274D81583A3CC4B788C5
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 2AA918C96B9CB2130F0F608DE4133D43
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/live-japan/
Frame ID: 51AEB822C4E290B0704CC234F52D615B
Requests: 37 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=37296
Frame ID: 7635A91B60804D0510C81EED9C9EF4A5
Requests: 1 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livechina.php
Frame ID: 5C9C8508698ED5196A2AB1D005DCE3F8
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: 63495C83C053A79C3527A8E0993886A5
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-china/
Frame ID: 963A3D604CF0968D2E0B5CC208D64D7A
Requests: 1 HTTP requests in this frame

Frame: https://vip.poltar2d.info/angka-mistik/
Frame ID: 741E01EB7CF8A7A69AF7078A23DD52DE
Requests: 1 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livesd.php
Frame ID: 3814E6539D00042588C1CFE66B2C962A
Requests: 1 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livesydney.php
Frame ID: CEACF607ED4AB302B3189A7F8F52A897
Requests: 1 HTTP requests in this frame

Frame: https://vip.velbettgroup.com/poltar.php
Frame ID: E74446D3F527C09B5E29F68482BF7856
Requests: 2 HTTP requests in this frame

Frame: https://vip.poltar2d.info/prediksi-sydney/
Frame ID: 4A9C737112F61AA5429F4DC249517FC8
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=80488
Frame ID: 3C17008CF05CAF11EADC9F0FB07B375E
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=16856
Frame ID: 5726BA05C6E62B5DA1530B3F9B8C9FB5
Requests: 1 HTTP requests in this frame

Frame: https://vip.poltar2d.info/tabel-shio/
Frame ID: 031DD4FAF7C84B1F61D3DA8075A517CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DISKUSI ANGKA TOP – TEMPAT BERKUMPUL NYA PARA PREDIKTOR

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

2777
Requests

92 %
HTTPS

25 %
IPv6

91
Domains

118
Subdomains

70
IPs

9
Countries

580755 kB
Transfer

636695 kB
Size

131
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: http://punyadunia.com/?memberwap=bungaku88

Search URL Search Domain Scan URL

URL: http://hitamdia.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://idehebat.com/?memberwap=teamsupersonix

Search URL Search Domain Scan URL

URL: http://xn--hy1bu3c96bmw0c.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://konsepterbalik.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://obral87.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://serba5kali.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://terbalikdiskon.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://cicaksukses.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://berkatbaik.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--2o2b17yoct94ecia.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--zs5brxj7u.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://ffsukses.com/?memberwap=ratan88

Search URL Search Domain Scan URL

URL: http://xn--hg4bo4jmcp8e.com/?memberwap=ratan88

Search URL Search Domain Scan URL

URL: http://xn--om2b1fu9h4rpdrq.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://kudasatu.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--i89aqf47kdvhukv.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: http://xn--oy2b17nw6bbqq49a.com/?memberwap=bunga88

Search URL Search Domain Scan URL

URL: https://domainbett.com/register?ref=bungaku88

Search URL Search Domain Scan URL

URL: https://nagamaswin.com/?ref=bunga88

Search URL Search Domain Scan URL

URL: https://vip.velbettgroup.com/
Title: VELBETT GROUP

Search URL Search Domain Scan URL

URL: https://vip.zonafantasi.info/
Title: ZONA FANTASI

Search URL Search Domain Scan URL

URL: https://vip.egaagroup.top/
Title: EGAA GROUP

Search URL Search Domain Scan URL

URL: https://vip.roomangkasa.top/
Title: ROOM ANGKASA

Search URL Search Domain Scan URL

URL: https://vip.pangkalanhdgroup.com/
Title: PANGKALAN HD

Search URL Search Domain Scan URL

URL: https://vip.zonapools.info/
Title: ZONAPOOLS

Search URL Search Domain Scan URL

URL: https://vip.badutprediction.info/
Title: BADUT PREDICTION

Search URL Search Domain Scan URL

URL: https://vip.track-invest.top/
Title: TRACK INVES

Search URL Search Domain Scan URL

URL: https://app.track-2d.info/
Title: TRACK 2D

Search URL Search Domain Scan URL

URL: https://vip.poltar2d.info/
Title: POLTAR 2D

Search URL Search Domain Scan URL

URL: https://vip.gubukprediktor.info/
Title: GUBUK PREDICTION

Search URL Search Domain Scan URL

URL: https://w1.bungaprediction.com/
Title: BUNGA PREDICTION

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/
Title: ZONA BERMAIN

Search URL Search Domain Scan URL

URL: https://vip.zonaprediction.top/
Title: ZONA PREDICTION

Search URL Search Domain Scan URL

URL: https://vip.markas-prediktor.info/
Title: MARKAS PREDIKTOR

Search URL Search Domain Scan URL

URL: https://vip.kaptenoleng.com/
Title: KAPTEN OLENG

Search URL Search Domain Scan URL

URL: https://vip.ratuprediction.top/
Title: RATU PREDICTION

Search URL Search Domain Scan URL

URL: https://vip.zona88.top/
Title: ZONA 88

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-lengkap/
Title: PAITO WARNA LENGKAP

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-cambodia/
Title: PAITO WARNA CAMBODIA

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-sydney
Title: PAITO WARNA SYDNEY

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-japan/
Title: PAITO WARNA JAPAN

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-singapore/
Title: PAITO WARNA SINGAPORE

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-china/
Title: PAITO WARNA CHINA

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-taiwan/
Title: PAITO WARNA TAIWAN

Search URL Search Domain Scan URL

URL: https://zona-bermain.com/paito-warna-hongkong/
Title: PAITO WARNA HONGKONG

Search URL Search Domain Scan URL

URL: https://kaptenoleng.info/
Title: zona.hoky88@gmail.com

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4710812&ccid=3023

Search URL Search Domain Scan URL

URL: https://vip.zona-pools.com/
Title: ZONAPOOLS

Search URL Search Domain Scan URL

URL: https://ronangelo.com/asteroid/
Title: Asteroid Theme

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://vip.zona88.top/tabel-shio HTTP 301
https://vip.zona88.top/tabel-shio/

Request Chain 60

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=8919a7e97dabf10c

Request Chain 69

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1707252377366.1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1707252377366.1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlU0VmtKdXBwR1ZrMDl6aW9FdE9aeEVRakNaR0Y4VUpJRDdxZXY3SlJYUG8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlU0VmtKdXBwR1ZrMDl6aW9FdE9aeEVRakNaR0Y4VUpJRDdxZXY3SlJYUG8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESELX32VG88ejkXA1ai9FZ7eM&google_cver=1

Request Chain 70

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&_rand=1707252377366.2 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&_rand=1707252377366.2&expected_cookie=c7e8d076-428f-4790-b9e4-930ec7ecc9c3

Request Chain 71

https://map.go.affec.tv/map/3a/?pid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&ts=1707252377366.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65c29a99bc6e410001aae621%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65c29a99bc6e410001aae621%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/6740019904450003240?ch=65c29a99bc6e410001aae621&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 72

https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fvip.disksusiangka.info%2F&us_privacy=&cache_buster=1707252377366.4 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=04f914a0-8ab4-4b75-a0b6-99966074788d%3A1707252377.6527843&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D04f914a0-8ab4-4b75-a0b6-99966074788d%253A1707252377.6527843%26pid%3D500040%26it%3D1%26iv%3D04f914a0-8ab4-4b75-a0b6-99966074788d%253A1707252377.6527843%26_%3D1707252377.6558623&cb=1707252377.6559055 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978758895935713150&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D04f914a0-8ab4-4b75-a0b6-99966074788d%253A1707252377.6527843%26pid%3D500040%26it%3D1%26iv%3D04f914a0-8ab4-4b75-a0b6-99966074788d%253A1707252377.6527843%26_%3D1707252377.6558623 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=04f914a0-8ab4-4b75-a0b6-99966074788d%3A1707252377.6527843&pid=500040&it=1&iv=04f914a0-8ab4-4b75-a0b6-99966074788d%3A1707252377.6527843&_=1707252377.6558623 HTTP 303
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843&pid=500040&_li_chk=true&_=1707252377.6558623&iv=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843&previous_uuid=c82ea0b719bd45cc98112f6e296f3edd HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1707252377.6558623&iv=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843

Request Chain 73

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&random=1707252377366.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&random=1707252377366.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a29c3c35-1afd-4407-ae92-1fc84df28745%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a29c3c35-1afd-4407-ae92-1fc84df28745%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&ttd_puid=a29c3c35-1afd-4407-ae92-1fc84df28745%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad

Request Chain 74

https://dp2.33across.com/ps/?pid=1205&rand=1707252377366.6 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212452573673311

Request Chain 96

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 98

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=

Request Chain 99

https://idsync.rlcdn.com/386076.gif?partner_uid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhzQUJXWENtcGtBQUFBSUNIUzNBdz09EAAaDQiZtYquBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=87470e984ac6c322425543165d58e7d3d450ad09eacef004558af4c4425b555f791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=87470e984ac6c322425543165d58e7d3d450ad09eacef004558af4c4425b555f791426b5417dce21&rand=01899830

Request Chain 100

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2u8LCHrKQ7nBI14tQTClWNMARANBk5t53mctIfnw5LpU&gdpr=0&gdpr_consent=

Request Chain 101

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641886910967185458 HTTP 307
https://ml314.com/csync.ashx?fp=dd4c1c6658e1a338acf059927c4105bba05e27fe36be0844fbe2824c6f7fd53bf4cb09cee1a4f8eb&person_id=3641886910967185458&eid=50082

Request Chain 102

https://tags.bluekai.com/site/59574?id=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 146

https://vip.badutprediction.info/live-japan HTTP 301
https://vip.badutprediction.info/live-japan/

Request Chain 153

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHsABWXCmpkAAAAICHS3Aw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1280.23383%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1280.23383%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=15070017 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=eUtlRE81WXY5OTlYQXpKaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEITexlY59o2hjs8PMLWZUbw&google_cver=1

Request Chain 169

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=738194ba77d1b609 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&bid=1e2n4ou

Request Chain 171

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=738194ba77d1b609 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-HLRzGs1E2pWwxe7HUKxfasIioKJ.iYK2dnU-~A

Request Chain 269

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-ZNzuXpVE2pR6ksOAU.DVmnZab6u1atiUTA--~A&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4898902a0626ab70/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=4898902a0626ab70/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1ef63964d0079f7f2fddeaf925caff58&gdpr=0 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=4898902a0626ab70 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=3666c9fe-bb12-41d5-721c-970db651eb88&zcluid=4898902a0626ab70&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEOMR4wNwYY48KUvhE1OwPlw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=3666c9fe-bb12-41d5-721c-970db651eb88&zcluid=4898902a0626ab70&zdid=1332

Request Chain 278

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=91940 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 298

https://vip.badutprediction.info/prediksi-singapore HTTP 301
https://vip.badutprediction.info/prediksi-singapore/

Request Chain 310

https://vip.poltar2d.info/paito-warna-japan HTTP 301
https://vip.poltar2d.info/paito-warna-japan/

Request Chain 373

https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0 HTTP 302
https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=L0RCUWtYaUdSNTJlemcyczZkbklpUT09&sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt HTTP 302
https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt HTTP 302
https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=fc305091-7886-479d-9ece-0dace9d9c889&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Cbds%2Crbc%2Ctl%2Csmt HTTP 302
https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,bds,rbc,tl,smt HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=fc305091-7886-479d-9ece-0dace9d9c889&expires=10 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 374

https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0 HTTP 302
https://x.bidswitch.net/ul_cb/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=0

Request Chain 375

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=1ef63964d0079f7f2fddeaf925caff58 HTTP 307
https://cm.mgid.com/m?c=1ef63964d0079f7f2fddeaf925caff58&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 376

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=1ef63964d0079f7f2fddeaf925caff58 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=1ef63964d0079f7f2fddeaf925caff58&dcc=t

Request Chain 378

https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3314857305076316538/gdpr=/gdpr_consent=

Request Chain 379

https://id5-sync.com/s/19/9.gif?puid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/2/7/3.gif?puid=6740019904450003240&gdpr=0&gdpr_consent= HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/6/4.gif?puid=4345328060373329827&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=ZcKanwAACtYtYwBB HTTP 302
https://id5-sync.com/c/19/136/5/5.gif?puid=ZcKanwAACtYtYwBB&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/id5?uid=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/19/121/4/6/gif/0/0/0/0/ZHsABWXCmpkAAAAICHS3Aw== HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F3%2F7.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=f75764f8927cdffa90d6a9c7ccc7c3e1&redir=https://id5-sync.com/c/19/321/3/7.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/19/321/3/7.gif?puid=5dpDOVSV99YvMzJk HTTP 302
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP/gdpr=0/gdpr_consent=?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&id5id=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MWVmNjM5NjRkMDA3OWY3ZjJmZGRlYWY5MjVjYWZmNTg&id5id=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg

Request Chain 380

https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58 HTTP 302
https://thrtle.com/insync?gdpr=0&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_pid=12&vxii_pid1=10014&vxii_rcid=92218228-39bc-478f-b82a-f4e5b53fbe91

Request Chain 381

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=1ef63964d0079f7f2fddeaf925caff58 HTTP 303
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=1ef63964d0079f7f2fddeaf925caff58

Request Chain 382

https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0 HTTP 303
https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0&_bee_ppp=1 HTTP 303
https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAAdYU7LhTUAABKHLbqwlg&gdpr=0

Request Chain 385

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=59cd90ee-d211-468e-b888-2b0791cd9acc&gdpr=0

Request Chain 389

https://pixel.onaudience.com/?mapped=1ef63964d0079f7f2fddeaf925caff58&partner=104&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=2fbb3745df757273 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=

Request Chain 391

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214350604784008746070&gdpr=0&gdpr_consent=

Request Chain 392

https://ce.lijit.com/merge?pid=5001&3pid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&location=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5436%26tp%3DSVRN%26tpid%3D%5BSOVRNID%5D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=IHj-ASZHA5mXSqTcSkShkITv&gdpr=0

Request Chain 395

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=275639704 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=275639704

Request Chain 406

https://um.simpli.fi/lj_match?r=43995 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 482

https://vip.poltar2d.info/prediksi-japan HTTP 301
https://vip.poltar2d.info/prediksi-japan/

Request Chain 562

https://vip.badutprediction.info/prediksi-cambodia HTTP 301
https://vip.badutprediction.info/prediksi-cambodia/

Request Chain 564

https://um.simpli.fi/lj_match?r=93326 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 601

https://um.simpli.fi/lj_match?r=98563 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 626

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IHj-ASZHA5mXSqTcSkShkITv/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=1ef63964d0079f7f2fddeaf925caff58

Request Chain 697

https://vip.poltar2d.info/prediksi-taiwan HTTP 301
https://vip.poltar2d.info/prediksi-taiwan/

Request Chain 781

https://um.simpli.fi/lj_match?r=32471 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 876

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://match.prod.bidr.io/cookie-sync/throtle HTTP 303
https://thrtle.com/sync?vxii_pdid=AAAdYU7LhTUAABKHLbqwlg&vxii_pid=5037&_t=1707252386.6059995

Request Chain 877

https://tag.crsspxl.com/c.gif?t=57603&gdpr=0 HTTP 302
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0

Request Chain 879

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=1ef63964d0079f7f2fddeaf925caff58 HTTP 302
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=1ef63964d0079f7f2fddeaf925caff58&sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=OTAyNzE1NzAwNDUzOTI4MTQ1MQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEAPlTxRy4BHzGPdON5AGkgg&google_cver=1

Request Chain 880

https://map.cookieless-data.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent= HTTP 307
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent= HTTP 307
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=&bounce=1

Request Chain 881

https://spl.zeotap.com/?zdid=637&env=mWeb&eventType=pageview&gdpr=0 HTTP 302
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=13db9786-9c0e-434e-7e27-8a377d59496c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=bea69cc1-f3df-44e4-48ac-d307d93e9c05&zdid=637 HTTP 302
https://mwzeom.zeotap.com/mw?pid=1ef63964d0079f7f2fddeaf925caff58&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=bea69cc1-f3df-44e4-48ac-d307d93e9c05&zdid=637

Request Chain 882

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=0aed2b532462e974f32d0f00a27b11ae&gdpr=0

Request Chain 884

https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79 HTTP 302
https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79 HTTP 302
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=264ff30c-29ce-4cb5-90cb-d84731a1c787

Request Chain 885

https://jadserve.postrelease.com/dmp/5?vk=1ef63964d0079f7f2fddeaf925caff58/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=26f95d0f-896a-49d9-9b78-9cfac059382b/gdpr=0

Request Chain 886

https://x01.aidata.io/0.gif?pid=LOTAME&id=1ef63964d0079f7f2fddeaf925caff58&gdpr=0 HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&bounce=1

Request Chain 888

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=741898726 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=741898726

Request Chain 889

https://bcp.crwdcntrl.net/map/c=12526?https%3A%2F%2Fuipus.semasio.net%2Flotame%2F1%2Fget%3FsType%3Dsync%26sExtCookieId%3D%24%7Bprofile_id%7D%26sInitiator%3Dexternal%26_url%3Dhttps%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D12526%2Ftp%3DSEMA%2Ftpid%3D%24%7BUIPID()%7D HTTP 302
https://uipus.semasio.net/lotame/1/get?sType=sync&sExtCookieId=1ef63964d0079f7f2fddeaf925caff58&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()} HTTP 302
https://uipus.semasio.net/lotame/1/get2?sType=sync&sExtCookieId=1ef63964d0079f7f2fddeaf925caff58&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()} HTTP 302
https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=C9471E5D3D4D6B8A

Request Chain 891

https://vip.badutprediction.info/prediksi-taiwan HTTP 301
https://vip.badutprediction.info/prediksi-taiwan/

Request Chain 892

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=ZcKanwAACtYtYwBB&bid=0rijhbu&referrer_pid=51md42u

Request Chain 893

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=6740019904450003240&bid=2cr76e1&referrer_pid=51md42u

Request Chain 894

https://tags.bluekai.com/site/39798?limit=1&id=2PpRG53Wr0FTWSbaiPvFVgFrKEcNp0m_ZPiXc5xMIlKI HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI HTTP 302
https://tags.bluekai.com/site/19505?id=y-c7PPntZE2pKnzg.GB9VUmDsvIOSzV4KF7cA-~A

Request Chain 896

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=978758895935713150&bid=omt9pi0

Request Chain 924

https://um.simpli.fi/lj_match?r=12303 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 979

https://vip.poltar2d.info/generator-line-angka HTTP 301
https://vip.poltar2d.info/generator-line-angka/

Request Chain 994

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=92218228-39bc-478f-b82a-f4e5b53fbe91 HTTP 302
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3

Request Chain 995

https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js HTTP 302
https://cdn.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js

Request Chain 1001

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=108927253 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=108927253

Request Chain 1039

https://um.simpli.fi/lj_match?r=59867 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1044

https://um.simpli.fi/lj_match?r=39785 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1186

https://vip.poltar2d.info/live-cambodia HTTP 301
https://vip.poltar2d.info/live-cambodia/

Request Chain 1188

https://um.simpli.fi/lj_match?r=19828 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1189

https://um.simpli.fi/lj_match?r=14865 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1200

https://vip.poltar2d.info/rekap-angka-ct HTTP 301
https://vip.poltar2d.info/rekap-angka-ct/

Request Chain 1202

https://vip.poltar2d.info/generator-angka HTTP 301
https://vip.poltar2d.info/generator-angka/

Request Chain 1383

https://vip.badutprediction.info/rekap-angka-3d HTTP 301
https://vip.badutprediction.info/rekap-angka-3d/

Request Chain 1512

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1 HTTP 302
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f

Request Chain 1513

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1 HTTP 302
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f

Request Chain 1550

https://um.simpli.fi/lj_match?r=51001 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1551

https://um.simpli.fi/lj_match?r=69248 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1570

https://vip.poltar2d.info/live-hongkong HTTP 301
https://vip.poltar2d.info/live-hongkong/

Request Chain 1580

https://vip.poltar2d.info/rekap-angka-4d HTTP 301
https://vip.poltar2d.info/rekap-angka-4d/

Request Chain 1604

https://vip.poltar2d.info/paito-warna-hongkong HTTP 301
https://vip.poltar2d.info/paito-warna-hongkong/

Request Chain 1618

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://sync.srv.stackadapt.com/sync?nid=throtle HTTP 302
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399

Request Chain 1619

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://sync.srv.stackadapt.com/sync?nid=throtle HTTP 302
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399

Request Chain 1684

https://um.simpli.fi/lj_match?r=40286 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1738

https://vip.poltar2d.info/buku-mimpi-4d HTTP 301
https://vip.poltar2d.info/buku-mimpi-4d/

Request Chain 1739

https://vip.poltar2d.info/paito-warna-china HTTP 301
https://vip.poltar2d.info/paito-warna-china/

Request Chain 1788

https://um.simpli.fi/lj_match?r=27262 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1789

https://um.simpli.fi/lj_match?r=87571 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 1798

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=92218228-39bc-478f-b82a-f4e5b53fbe91 HTTP 303
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=c82ea0b7-19bd-45cc-9811-2f6e296f3edd&_t=1707252400 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE HTTP 302
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-kAIQhHBE2oT6lJDy2xGV7LTX55OwmxnlHUCUgA--~A

Request Chain 1799

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=92218228-39bc-478f-b82a-f4e5b53fbe91 HTTP 303
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=c82ea0b7-19bd-45cc-9811-2f6e296f3edd&_t=1707252400

Request Chain 1804

https://vip.badutprediction.info/rekap-angka-2d HTTP 301
https://vip.badutprediction.info/rekap-angka-2d/

Request Chain 2008

https://vip.poltar2d.info/live-hongkong HTTP 301
https://vip.poltar2d.info/live-hongkong/

Request Chain 2081

https://tabelpakde.com/wp-content/themes/images/brick-wall.png HTTP 301
https://tabelpakde.com/

Request Chain 2118

https://vip.poltar2d.info/paito-warna-sydney HTTP 301
https://vip.poltar2d.info/paito-warna-sydney/

Request Chain 2126

https://um.simpli.fi/lj_match?r=97473 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 2127

https://um.simpli.fi/lj_match?r=90475 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 2131

https://vip.poltar2d.info/rekap-kumat HTTP 301
https://vip.poltar2d.info/rekap-kumat/

Request Chain 2146

https://vip.poltar2d.info/prediksi-japan HTTP 301
https://vip.poltar2d.info/prediksi-japan/

Request Chain 2148

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=92218228-39bc-478f-b82a-f4e5b53fbe91 HTTP 302
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=8BC943F382EAC9BE94D5FD5C31ED830D

Request Chain 2149

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=92218228-39bc-478f-b82a-f4e5b53fbe91 HTTP 302
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=1322DC2CAE5CEC9A8FE68D7FF19D6766

Request Chain 2226

https://vip.poltar2d.info/live-china HTTP 301
https://vip.poltar2d.info/live-china/

Request Chain 2298

https://vip.poltar2d.info/live-sydney HTTP 301
https://vip.poltar2d.info/live-sydney/

Request Chain 2373

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D16%26_t%3D1707252410%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_ts=16&_t=1707252410&_reach=1

Request Chain 2418

https://um.simpli.fi/lj_match?r=10369 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 2419

https://vip.poltar2d.info/paito-warna-taiwan HTTP 301
https://vip.poltar2d.info/paito-warna-taiwan/

Request Chain 2420

https://vip.badutprediction.info/rekap-angka-2d HTTP 301
https://vip.badutprediction.info/rekap-angka-2d/

Request Chain 2502

https://tabelpakde.com/wp-content/themes/images/brick-wall.png HTTP 301
https://tabelpakde.com/

Request Chain 2507

https://um.simpli.fi/lj_match?r=85771 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 2508

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-bb2d-817472fc4f3d

Request Chain 2510

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv HTTP 302
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-a7e6-595113d3b79c

Request Chain 2600

https://vip.poltar2d.info/live-cambodia HTTP 301
https://vip.poltar2d.info/live-cambodia/

Request Chain 2646

https://vip.poltar2d.info/live-japan HTTP 301
https://vip.poltar2d.info/live-japan/

Request Chain 2676

https://vip.poltar2d.info/prediksi-china HTTP 301
https://vip.poltar2d.info/prediksi-china/

Request Chain 2688

https://vip.poltar2d.info/angka-mistik HTTP 301
https://vip.poltar2d.info/angka-mistik/

Request Chain 2708

https://vip.poltar2d.info/prediksi-sydney HTTP 301
https://vip.poltar2d.info/prediksi-sydney/

Request Chain 2743

https://um.simpli.fi/lj_match?r=204 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 2745

https://um.simpli.fi/lj_match?r=51167 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

Request Chain 2750

https://vip.poltar2d.info/tabel-shio HTTP 301
https://vip.poltar2d.info/tabel-shio/

2777 HTTP transactions
53 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vip.disksusiangka.info/ 111 KB
25 KB 1086ms
495ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

13493c0c4180ac029dd56875d1c8096c14657d5bcef82ec5cfa069a7349852be

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:15 GMT
link: <https://vip.disksusiangka.info/wp-json/>; rel="https://api.w.org/" <https://vip.disksusiangka.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.disksusiangka.info/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 style.min.css
vip.disksusiangka.info/wp-includes/css/dist/block-library/ 108 KB
13 KB 269ms
268ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
content-encoding: br
last-modified: Tue, 30 Jan 2024 23:13:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:15 GMT

GET
BLOB 200
OK 8893f3ad-0fc9-49f7-8edd-70f380e2fa46
https://vip.disksusiangka.info/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.disksusiangka.info/8893f3ad-0fc9-49f7-8edd-70f380e2fa46
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 cwp.css
vip.disksusiangka.info/wp-content/plugins/comments-widget-plus/assets/css/ 227 B
282 B 284ms
278ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:15 GMT

GET
H2 200 sidebar-login.css
vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/ 2 KB
385 B 283ms
277ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:15 GMT

GET
H2 200 style.css
vip.disksusiangka.info/wp-content/themes/asteroid/ 28 KB
8 KB 282ms
277ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
content-encoding: br
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:15 GMT

GET
H2 200 jquery.min.js Show response
vip.disksusiangka.info/wp-includes/js/jquery/ 86 KB
29 KB 285ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
vip.disksusiangka.info/wp-includes/js/jquery/ 13 KB
5 KB 284ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
content-encoding: br
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:15 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
26 KB 141ms
36ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.disksusiangka.info/
Origin: https://vip.disksusiangka.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317900
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 133ms
55ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 7307988
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163dd39befda87-MIA
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 139ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.disksusiangka.info/
Origin: https://vip.disksusiangka.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498500
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 62 KB
16 KB 148ms
44ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.disksusiangka.info/
Origin: https://vip.disksusiangka.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268425
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... 258 KB
258 KB 456ms
294ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:15 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:15 GMT

GET
H2 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... 4 MB
4 MB 709ms
547ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... 53 KB
53 KB 390ms
367ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... 652 KB
653 KB 692ms
670ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... 397 KB
397 KB 605ms
583ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... 443 KB
443 KB 611ms
590ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... 829 KB
830 KB 443ms
423ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... 736 KB
737 KB 738ms
720ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... 1 MB
1 MB 567ms
549ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... 2 MB
2 MB 1295ms
1277ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... 2 MB
2 MB 1826ms
1808ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:17 GMT

GET
H2 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... 733 KB
733 KB 568ms
550ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... 2 MB
2 MB 780ms
763ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... 812 KB
812 KB 561ms
544ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... 659 KB
659 KB 533ms
516ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... 1 MB
1 MB 567ms
550ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... 718 KB
719 KB 533ms
516ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... 309 KB
309 KB 778ms
761ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... 1 MB
1 MB 736ms
721ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H2 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... 173 KB
173 KB 531ms
515ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:16 GMT

GET
H/1.1 200
OK 4710812&101.gif
s4is.histats.com/stats/i/ 2 KB
2 KB 323ms
87ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4710812&101.gif?4710812&101
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 2f1b0b2668cc081f84472bffd04e6cf999046b7b7cdd6afe99994a035919873e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
ETag: 91942766
Content-Length: 1895
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.disksusiangka.info/wp-includes/js/dist/vendor/ 8 KB
2 KB 301ms
287ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: br
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:16 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.disksusiangka.info/wp-includes/js/dist/vendor/ 6 KB
2 KB 300ms
286ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:16 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.disksusiangka.info/wp-includes/js/dist/vendor/ 112 KB
34 KB 302ms
288ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:16 GMT

GET
H3 200 frontend.js Show response
vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/ 4 KB
2 KB 299ms
286ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: br
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:16 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 177ms
66ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38038
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dd60ea62886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.pangkalanhdgroup.com/ Frame BB2E 11 KB
3 KB 1023ms
296ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.pangkalanhdgroup.com/poltar.php

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

a29edc6ce037f547367624f31d091bad2479e96cc965ee2cf6e480069c5d66b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2410
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 135ms
54ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.disksusiangka.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 36adb13f40b69c4e2bcc0e776c744dc8
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163dd5fb144c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 81f019efc01a267e92ba94ecc6392d26
secure.gravatar.com/avatar/ 3 KB
4 KB 183ms
58ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e960c32bd5c77e745800b354a8f6a3e129b45ef5285f2efa481ddbe62e67b27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:16 GMT
last-modified: Thu, 07 Sep 2023 03:56:58 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="81f019efc01a267e92ba94ecc6392d26.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=35&d=mm&r=g>; rel="canonical"
content-length: 3412
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:16 GMT

GET
H2 200 6252e39839e6ccd08a0e6cc300ddbe37
secure.gravatar.com/avatar/ 3 KB
3 KB 183ms
60ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/6252e39839e6ccd08a0e6cc300ddbe37?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 11185f2195e02415011e74251233e377b156e28dadfd626be19c50016561d7ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:16 GMT
last-modified: Wed, 10 May 2023 05:31:27 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6252e39839e6ccd08a0e6cc300ddbe37.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/6252e39839e6ccd08a0e6cc300ddbe37?s=35&d=mm&r=g>; rel="canonical"
content-length: 3132
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:16 GMT

GET
H2 200 4fd4cf70c8bd2b0429b5e73d86cdd397
secure.gravatar.com/avatar/ 1 KB
2 KB 164ms
41ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/4fd4cf70c8bd2b0429b5e73d86cdd397?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5800f2ab7d41d8c2917b85c61a643febbb863f672d077201d23d88d6c0874856

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:16 GMT
last-modified: Mon, 24 Oct 2022 20:51:59 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="4fd4cf70c8bd2b0429b5e73d86cdd397.jpeg"
accept-ranges: bytes
link: <https://gravatar.com/avatar/4fd4cf70c8bd2b0429b5e73d86cdd397?s=35&d=mm&r=g>; rel="canonical"
content-length: 1259
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:16 GMT

GET
H2 200 c2e81e43bd102993f3f2f3bfb579ab3c
secure.gravatar.com/avatar/ 2 KB
3 KB 163ms
40ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c2e81e43bd102993f3f2f3bfb579ab3c?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e0dd9e4cca29c757d0f6a5e6b5e43bc8d136f48365d864f287c35de6813254e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:16 GMT
last-modified: Mon, 12 Jun 2023 12:26:27 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c2e81e43bd102993f3f2f3bfb579ab3c.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c2e81e43bd102993f3f2f3bfb579ab3c?s=35&d=mm&r=g>; rel="canonical"
content-length: 2510
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:16 GMT

GET
H2 200 387f24867f70f1abb15cb56673f0849b
secure.gravatar.com/avatar/ 4 KB
4 KB 165ms
42ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/387f24867f70f1abb15cb56673f0849b?s=35&d=mm&r=g
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3dba4614f3392f3d4eb6e73700ed60cb0818cef4b9079d4b46946d88d4938364

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:16 GMT
last-modified: Fri, 02 Jun 2023 09:52:13 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="387f24867f70f1abb15cb56673f0849b.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/387f24867f70f1abb15cb56673f0849b?s=35&d=mm&r=g>; rel="canonical"
content-length: 3630
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:16 GMT

GET
H2 200 / Show response
vip.badutprediction.info/ Frame C5A0 114 KB
22 KB 1177ms
506ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

8451b93c3f9872bf81872056b8fd3e8076b485266608a073c93fa3ad41963c85

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:17 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2

200

/ Show response
vip.zona88.top/tabel-shio/ Frame E668
Redirect Chain

https://vip.zona88.top/tabel-shio
https://vip.zona88.top/tabel-shio/

102 KB
24 KB

390ms
386ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/tabel-shio/

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

586861516f0846ebb35a5163da3f8acf8d3aeed5305dd120efa8a814e3d0a562

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:17 GMT
link: <https://vip.zona88.top/wp-json/>; rel="https://api.w.org/" <https://vip.zona88.top/wp-json/wp/v2/posts/295>; rel="alternate"; type="application/json" <https://vip.zona88.top/?p=295>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.zona88.top/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:17 GMT
location: https://vip.zona88.top/tabel-shio/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.zona88.top/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4710812.php Show response
s4.histats.com/stats/ 440 B
575 B 240ms
73ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4710812.php?4710812&@f16&@g1&@h1&@i1&@j1707252376094&@k0&@l1&@mDISKUSI%20ANGKA%20TOP%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@o1000&@q0&@r0&@s3023&@ten-US&@u1600&@b1:-123911113&@b3:1707252376&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.disksusiangka.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: b4676763b1f597bc91626752b65f657e1b29810aff46c13e9246b05442eb7913

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:08 GMT
Connection: close
Content-Length: 440
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.disksusiangka.info/wp-includes/js/ 18 KB
5 KB 277ms
274ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.disksusiangka.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: br
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:16 GMT

GET
H2 200 cc_3023.js Show response
s10.histats.com/counters/ 18 KB
7 KB 59ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3023.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 3443
etag: "73940338"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dd86abb2886-MIA
content-length: 7567

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
4 KB 341ms
235ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4710812.php?4710812&@f16&@g1&@h1&@i1&@j1707252376094&@k0&@l1&@mDISKUSI%20ANGKA%20TOP%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@o1000&@q0&@r0&@s3023&@ten-US&@u1600&@b1:-123911113&@b3:1707252376&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.disksusiangka.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3d3c7d9b8dc8cecbf291496c2627e082ff3217cb5b1073d0fad3de92a3bc4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-t: 0.31
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77mhGMsE5dbgjTNpBFeIpJ7Zov0P7L0VKbwe19wSxlhS4QVb0ddiP7gWN2i1%2Fb5vSOjFprof3gtj84%2FL3dd3rBq2wChNhhHGVBr7E%2Fx3fMDrkKyVrltJ6FRq%2BZUU%2F1EOuKGCL2TBGNEaBe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163dd908647449-MIA
expires: Tue, 06 Feb 2024 20:46:15 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 26DB 1 KB
763 B 120ms
119ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=10401707252376755089DB59665E5F0C
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b14921f75443f0da58373b5c64fd934775e2cb46cd6a541d640bc12b48802ce

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 85163ddadca57449-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:16 GMT
expires: Tue, 06 Feb 2024 20:46:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi8u7QJAuSHAFmIcBk%2BGI%2F%2B2HUW4Lp%2BqkmSZl5HldrYMQ1l0HAIWwxa5Jq8Ozap%2FbzApZXeW%2FG8hbwrhrXZ2j4GSJU1kOW%2Bf7o35rUR3JulD7r2SbIbAKSAvxWBXMgIBMkjdYxtiocHTN70%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 242ms
73ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37164
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: DbUUwXAv1g8-8DPe7nt_hrTpSkqrL68KohVDPvoNmJs0LjrdHMP4kA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 306ms
82ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 140ms
45ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:01 GMT
server: cloudflare
age: 240238
etag: W/"651ed18d-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 85163ddb7ae78dbe-MIA
expires: Fri, 09 Feb 2024 20:46:16 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
341 B 136ms
135ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.disksusiangka.info&_ss=6f9wqnmr6u&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=39hq&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ac6c6b9e03b9ea7205fc51f00c54638695fa0f268e12bcfc164de33a2bdc57e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:16 GMT
x-t: 0.131
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35pPhYAi4Y6o1krQU6SjASR0wbeobPo6scR9xMeE7%2FjypoJB3ke7vX7S10bOuoU1g%2B4IOZH%2B5MM7LRV1Ht8kYutzVRsqOAlfl2tuk73LGdDS2p10BfadiTIJ1c7fDbOWMOeZl16%2FfPhN7C4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ddaecbd7449-MIA
expires: Tue, 06 Feb 2024 20:46:15 GMT

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame BB2E 15 KB
4 KB 993ms
290ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 236ms
68ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:37:24 GMT
content-encoding: gzip
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 68934
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 1TQx_XowIVVPO9njwi9XKPL-u09gS1RBfWuwJNlRvC8Y1pGqxw873A==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
598 B 197ms
88ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.disksusiangka.info%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.disksusiangka.info%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
x-t: 1.27
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg4ECRMwvH4g7sQVCg%2FK5N7tdeAgyAIrVDoA97jTEqAi0pcr9xicys3IkCwa5RVzhu0Ai8OsM7LQBM%2BUNSGkLv31SKTM0rinajltDiMzTAJkuWkznlETCn5359cEus%2F9C%2FP2E19KYd3%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 85163ddd1ff7daa9-MIA
expires: Tue, 06 Feb 2024 20:49:56 GMT

GET
H2

200

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=8919a7e97dabf10c

62 B
428 B

367ms
136ms

Image
image/gif

23.37.113.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=8919a7e97dabf10c
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 23.37.113.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-113-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 20:46:17 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=8919a7e97dabf10c
content-length: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
457 B 257ms
106ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
via: 1.1 7cd90bfbf5a6ee327baf597a703e2422.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
x-amzn-requestid: da7070e2-a3a6-41ee-9916-49017881a01e
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Su0X_GkwiYcESnA=
content-length: 50
x-amz-cf-id: e6yZx3SJ7P6KPqZd7xIWXTycWNO1JDAoOp1-BE4NEfESPCjXA7Jhuw==

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 243ms
60ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1707252377078&dn=AFWU&iso=0&pu=https%3A%2F%2Fvip.disksusiangka.info%2F&t=DISKUSI%20ANGKA%20TOP%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&chmob=0
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 290ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5928849161165981&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:17 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 70ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.5928849161165981&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame C5A0 108 KB
13 KB 286ms
252ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
BLOB 200
OK dc590b54-97ba-4163-bee1-f6e7e9b5ef1b
https://vip.badutprediction.info/ Frame C5A0 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.badutprediction.info/dc590b54-97ba-4163-bee1-f6e7e9b5ef1b
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 72ms
64ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 52c602c5946d3cd1ae7556ce70fd8a2ba66a53fce5cb40f537aa88987ea7a029

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Tue, 06 Feb 2024 20:46:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1525
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3D04 2 KB
1 KB 80ms
77ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5928849161165981&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:17 GMT
Expires: Tue, 13 Feb 2024 20:46:17 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1707252377366.1
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1707252377366.1
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlU0VmtKdXBwR1ZrMDl6aW9FdE9aeEVRakNaR0Y4VUpJRDdxZXY3SlJYUG8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MlU0VmtKdXBwR1ZrMDl6aW9FdE9aeEVRakNaR0Y4VUpJRDdxZXY3SlJYUG8&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESELX32VG88ejkXA1ai9FZ7eM&google_cver=1

70 B
440 B

66ms
65ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESELX32VG88ejkXA1ai9FZ7eM&google_cver=1
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 20:46:18 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESELX32VG88ejkXA1ai9FZ7eM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&_rand=1707252377366.2
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&_rand=1707252377366.2&expected_cookie=c7e8d076-428f-4790-b9e4-930ec7ecc9c3

0
140 B

92ms
91ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&_rand=1707252377366.2&expected_cookie=c7e8d076-428f-4790-b9e4-930ec7ecc9c3
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 658A7497197F4B1AB1818B68695651C5 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKuEbM1hko5z98MVug==

Redirect headers

date: Tue, 06 Feb 2024 20:46:17 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C4A6A6F306304D5691D3DCBB089CCB4B Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=15927&puuid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&_rand=1707252377366.2&expected_cookie=c7e8d076-428f-4790-b9e4-930ec7ecc9c3
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKuCxOoCmxs83kOmtQ==

GET
H2

204

e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&ts=1707252377366.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65c29a99bc6e410001aae621%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65c29a99bc6e410001aae621%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/6740019904450003240?ch=65c29a99bc6e410001aae621&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3?ttd_puid=&gdpr=0&gdpr_consent=

0
562 B

66ms
59ms

Image
text/plain

34.193.93.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 34.193.93.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-93-235.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3?ttd_puid=&gdpr=0&gdpr_consent=
date: Tue, 06 Feb 2024 20:46:18 GMT
server: Kestrel
content-length: 229

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Fvip.disksusiangka....
https://p.rfihub.com/cm?pub=39342&in=1&userid=04f914a0-8ab4-4b75-a0b6-99966074788d%3A1707252377.6527843&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D04f914a0-8ab4-4b75...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=978758895935713150&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D04f914a...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=04f914a0-8ab4-4b75-a0b6-99966074788d%3A1707252377.6527843&pid=500040&it=1&iv=04f914a0-8ab4-4b75-a0b6-99966074788d%3A1707252377.6527843&_=170...
https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843&pid=500040&_li_chk=true&_=1707252377.6558623&iv=04f914a0-8ab4-4b75-a0b6-9996607...
https://pippio.com/api/sync?it=1&pid=500040&_=1707252377.6558623&iv=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843

42 B
193 B

93ms
87ms

Image
image/gif

107.178.254.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1707252377.6558623&iv=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1707252377.6558623&iv=04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843
Date: Tue, 06 Feb 2024 20:46:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

v2
usermatch.krxd.net/um/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&random=1707252377366.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fap...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&random=1707252377366.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.ne...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a29c3c35-1afd-4407-ae92-1fc84df28745%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=a29c3c35-1afd-4407-ae92-1fc84df28745%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&ttd_puid=a29c3c35-1afd-4407-ae92-1fc84df28745%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad

2 B
82 B

274ms
58ms

Image
application/json

18.211.137.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=tapad
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 18.211.137.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-137-235.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
server: awselb/2.0
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

date: Tue, 06 Feb 2024 20:46:18 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://usermatch.krxd.net/um/v2?partner=tapad
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1707252377366.6
https://idsync.rlcdn.com/405716.gif?partner_uid=212452573673311

42 B
439 B

252ms
74ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212452573673311
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:17 GMT
referrer-policy: unsafe-url
server: 33XP010
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212452573673311
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 204 /
dp1.33across.com/ps/ 0
69 B 231ms
62ms Image
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp1.33across.com/ps/?pid=669&uid=CoIKSWXCmplPk%2BYDIoYcAg%3D%3D&us_privacy=&random=1707252377366.7&pu=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP013 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-33x-status: 208
date: Tue, 06 Feb 2024 20:46:16 GMT
server: 33XP013

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 227ms
59ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3257
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: _D3qXMjrrui9mf0OWGQc-4lAa4Rw6O3eieT1-ZItGsmJYMDEFmOvMQ==

GET
H2 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame C5A0 227 B
282 B 284ms
271ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H2 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame C5A0 2 KB
385 B 286ms
273ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H2 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame C5A0 28 KB
8 KB 282ms
270ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H2 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame C5A0 86 KB
29 KB 289ms
277ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H2 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame C5A0 13 KB
5 KB 286ms
273ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame C5A0 157 KB
26 KB 56ms
43ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317902
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C5A0 30 KB
7 KB 68ms
49ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 7307990
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ddf9a34da87-MIA
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame C5A0 21 KB
8 KB 42ms
31ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498502
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame C5A0 62 KB
16 KB 51ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268427
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760064-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame C5A0 3 MB
3 MB 852ms
260ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H2 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame C5A0 311 B
410 B 374ms
358ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_DhvDCpkIgEeBZME6OIEURdUUtmEF9sTWy-3zmRDrV-mQos/s25/on-1.gif

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:17 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame C5A0 43 B
182 B 241ms
83ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame C5A0 8 KB
3 KB 313ms
297ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame C5A0 6 KB
2 KB 265ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame C5A0 112 KB
34 KB 271ms
269ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame C5A0 4 KB
2 KB 270ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame FEAF 19 KB
9 KB 78ms
70ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
H3 200 style.min.css
vip.zona88.top/wp-includes/css/dist/block-library/ Frame E668 108 KB
14 KB 281ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:09 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:17 GMT

GET
BLOB 200
OK acaf7903-ca7b-4607-a9e7-2f37e29e1810
https://vip.zona88.top/ Frame E668 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.zona88.top/acaf7903-ca7b-4607-a9e7-2f37e29e1810
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2

200

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
335 B

68ms
67ms

Fetch
application/json

18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.disksusiangka.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

Redirect headers

location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
access-control-allow-origin: https://vip.disksusiangka.info
date: Tue, 06 Feb 2024 20:46:17 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 64E9 438 B
675 B 105ms
67ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

70f632569c4df6ec4b2776e73f2ad512211d336c7b1d3860f59ab0e3bdef6e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame FEAF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=

42 B
297 B

334ms
79ms

Image
image/gif

3.20.160.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Server

3.20.160.213 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-160-213.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHsABWXCmpkAAAAICHS3Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=
date: Tue, 06 Feb 2024 20:46:17 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame FEAF
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhzQUJXWENtcGtBQUFBSUNIUzNBdz09EAAaDQiZtYquBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=87470e984ac6c322425543165d58e7d3d450ad09eacef004558af4c4425b555f791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=87470e984ac6c322425543165d58e7d3d450ad09eacef004558af4c4425b555f791426b5417dce21&rand=01899830

0
142 B

93ms
90ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=87470e984ac6c322425543165d58e7d3d450ad09eacef004558af4c4425b555f791426b5417dce21&rand=01899830
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 552893EFC9B64317B292B9C71035E39C Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKuNpzwVnLsoTpO2Kw==

Redirect headers

date: Tue, 06 Feb 2024 20:46:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=87470e984ac6c322425543165d58e7d3d450ad09eacef004558af4c4425b555f791426b5417dce21&rand=01899830
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame FEAF
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2u8LCHrKQ7nBI14tQTClWNMARANBk5t53mctIfnw5LpU&gdpr=0&gdpr_consent=

42 B
297 B

284ms
72ms

Image
image/gif

3.20.160.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2u8LCHrKQ7nBI14tQTClWNMARANBk5t53mctIfnw5LpU&gdpr=0&gdpr_consent=

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Server

3.20.160.213 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-160-213.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHsABWXCmpkAAAAICHS3Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2u8LCHrKQ7nBI14tQTClWNMARANBk5t53mctIfnw5LpU&gdpr=0&gdpr_consent=
Date: Tue, 06 Feb 2024 20:46:17 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame FEAF
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641886910967185458
https://ml314.com/csync.ashx?fp=dd4c1c6658e1a338acf059927c4105bba05e27fe36be0844fbe2824c6f7fd53bf4cb09cee1a4f8eb&person_id=3641886910967185458&eid=50082

43 B
124 B

85ms
73ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=dd4c1c6658e1a338acf059927c4105bba05e27fe36be0844fbe2824c6f7fd53bf4cb09cee1a4f8eb&person_id=3641886910967185458&eid=50082
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 07 Feb 2024 20:46:18 GMT
date: Tue, 06 Feb 2024 20:46:18 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:18 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=dd4c1c6658e1a338acf059927c4105bba05e27fe36be0844fbe2824c6f7fd53bf4cb09cee1a4f8eb&person_id=3641886910967185458&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame FEAF
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

270ms
76ms

Image
image/gif

3.20.160.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Server

3.20.160.213 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-20-160-213.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHsABWXCmpkAAAAICHS3Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Tue, 06 Feb 2024 20:46:17 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame C5A0 135 KB
135 KB 792ms
792ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
DATA 200
OK truncated
/ Frame C5A0 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame C5A0 75 KB
76 KB 49ms
49ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163de27d4a4c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C5A0 11 KB
5 KB 68ms
63ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38040
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163de2cc8f2886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.roomangkasa.top/ Frame 0620 10 KB
3 KB 881ms
264ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 64E9 51 KB
16 KB 261ms
83ms Script
application/javascript 23.7.64.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.7.64.229 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-7-64-229.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Tue, 06 Feb 2024 20:46:18 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame BB2E 11 KB
4 KB 57ms
57ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38040
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163de2ccaf2886-MIA
content-length: 4547

GET
H2 200 / Show response
vip.zonaprediction.com/ Frame BBA8 112 KB
25 KB 1014ms
335ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

e75f593db8c7a39b4be3017873d9c9e66c35a8cdd101e028ece84abaca9793a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:18 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 cwp.css
vip.zona88.top/wp-content/plugins/comments-widget-plus/assets/css/ Frame E668 227 B
331 B 282ms
281ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 sidebar-login.css
vip.zona88.top/wp-content/plugins/sidebar-login/build/ Frame E668 2 KB
376 B 295ms
286ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 style.css
vip.zona88.top/wp-content/themes/asteroid/ Frame E668 28 KB
8 KB 291ms
283ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 jquery.min.js Show response
vip.zona88.top/wp-includes/js/jquery/ Frame E668 86 KB
29 KB 350ms
341ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zona88.top/wp-includes/js/jquery/ Frame E668 13 KB
5 KB 292ms
284ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame E668 157 KB
26 KB 73ms
65ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zona88.top/
Origin: https://vip.zona88.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317902
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E668 30 KB
7 KB 77ms
69ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674344
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163de36fc17494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame E668 21 KB
8 KB 74ms
66ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zona88.top/
Origin: https://vip.zona88.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498503
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame E668 62 KB
16 KB 75ms
68ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zona88.top/
Origin: https://vip.zona88.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268427
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame E668 258 KB
258 KB 230ms
223ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame E668 4 MB
4 MB 280ms
273ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame E668 53 KB
53 KB 703ms
698ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame E668 652 KB
652 KB 302ms
298ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame E668 397 KB
397 KB 367ms
363ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame E668 443 KB
443 KB 774ms
753ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame E668 829 KB
829 KB 504ms
482ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame E668 736 KB
736 KB 712ms
690ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame E668 1 MB
1 MB 911ms
890ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame E668 2 MB
2 MB 747ms
725ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame E668 2 MB
2 MB 1916ms
1894ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:20 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame E668 733 KB
733 KB 836ms
814ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame E668 2 MB
2 MB 498ms
477ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame E668 812 KB
812 KB 925ms
904ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:19 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame E668 659 KB
659 KB 744ms
723ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame E668 1 MB
1 MB 752ms
731ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame E668 718 KB
718 KB 507ms
486ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame E668 309 KB
309 KB 889ms
869ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame E668 1 MB
1 MB 904ms
884ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame E668 173 KB
173 KB 442ms
422ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:18 GMT

GET
H/1.1 200
OK 4772420.gif
s4is.histats.com/stats/i/ Frame E668 43 B
182 B 218ms
82ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4772420.gif?4772420&103
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.zona88.top/wp-includes/js/ Frame E668 3 KB
1 KB 373ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zona88.top/wp-includes/js/dist/vendor/ Frame E668 8 KB
2 KB 283ms
279ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zona88.top/wp-includes/js/dist/vendor/ Frame E668 6 KB
2 KB 284ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zona88.top/wp-includes/js/dist/vendor/ Frame E668 112 KB
34 KB 284ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3 200 frontend.js Show response
vip.zona88.top/wp-content/plugins/sidebar-login/build/ Frame E668 4 KB
2 KB 380ms
359ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/live-japan/ Frame EEDB
Redirect Chain

https://vip.badutprediction.info/live-japan
https://vip.badutprediction.info/live-japan/

103 KB
20 KB

492ms
491ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/live-japan/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

8bba1ce8a27578b66b8d8f97b50ba0f114150732cd91e40c286f30923b6c1332

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:19 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/276>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=276>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:18 GMT
location: https://vip.badutprediction.info/live-japan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame C5A0 435 B
570 B 235ms
78ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBADUT%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-194612230&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 37035c1d5c6a6665bbecad4b74b04fcb37857c523db8f9a70bce3cbaa320ece3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:10 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame BB2E 434 B
569 B 214ms
74ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:82308204&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:10 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame BB2E 434 B
569 B 214ms
75ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:164032556&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:10 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame BB2E 434 B
569 B 223ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-73215563&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:10 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame BB2E 434 B
569 B 226ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-177167028&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:10 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame C5A0 18 KB
5 KB 305ms
281ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
H2

200

2981 Show response
tags.bluekai.com/site/ Frame EF9B
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHsABWXCmpkAAAAICHS3Aw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1280.23383%26cid%3Dc010%26...
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=eUtlRE81WXY5OTlYQXpKaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEITexlY59o2hjs8PMLWZUbw&google_cver=1

62 B
305 B

163ms
160ms

Document
image/gif

23.37.113.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEITexlY59o2hjs8PMLWZUbw&google_cver=1
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.113.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-113-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Tue, 06 Feb 2024 20:46:18 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 20:46:18 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEITexlY59o2hjs8PMLWZUbw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame C5A0 22 KB
12 KB 54ms
50ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22801
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163de5aa092886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame C5A0 7 KB
3 KB 126ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBADUT%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-194612230&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a39021b31f8ba7212cfb29da6fc5cc453b12896cba9ec63f7d94bf754e45236

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-t: 0.289
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3G5Hl3wKzwml%2Fsj6%2BPdF7pkA7pO6I%2FL%2F5vw57Z8tR6k4kxGHBOXxWvJAoad1DBEvS2dPDVEidNK5ScWAXF1%2FMU8YCcw13cs4DTprXBDNB2dBnb%2Fh5G9u%2F1zY7CsuCBFPEzQ%2BFfJl9jwDHy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163de5aa307449-MIA
expires: Tue, 06 Feb 2024 20:46:17 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame BB2E 13 KB
4 KB 50ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39012
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163de5aa0d2886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame BB2E 7 KB
4 KB 119ms
116ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:82308204&@b3:1707252378&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df4af85817b7789170c0e43a297b07f6765b896b49b3e7f5691a46b944605505

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-t: 0.254
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7jVE9iRzUgNJwmy97KfbadeINdC%2FctY4QUVrhqz0Gt2BDp%2F9rnSbGAyXQWViFo12l4B8pMA7AlYKmYM9dcPnA%2FhchMnRz5wg4HtJWcxKyEzdLGA8r8EKx06ZkJXBwbcA7DeNOXOjeNz%2BW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163de5aa327449-MIA
expires: Tue, 06 Feb 2024 20:46:17 GMT

GET
H2 200 hitam.webp
zona-bermain.com/wp-content/uploads/2023/11/ Frame E668 77 KB
78 KB 315ms
293ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2023/11/hitam.webp
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: fd3c5e931997685edd6b40a5aaee81c19cdcbeba459fa44aa09137d75b2bcf63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
last-modified: Wed, 08 Nov 2023 01:12:41 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79266
expires: Tue, 13 Feb 2024 20:46:18 GMT

GET
DATA 200
OK truncated
/ Frame E668 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E668 11 KB
4 KB 47ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38040
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163de69b672886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.pangkalanhdgroup.com/ Frame 70AF 11 KB
2 KB 301ms
295ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.pangkalanhdgroup.com/poltar.php

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

a29edc6ce037f547367624f31d091bad2479e96cc965ee2cf6e480069c5d66b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:18 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame E668 75 KB
76 KB 53ms
51ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zona88.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c9bd7a5ba048a92ceba328edf98b204f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163de6babc4c02-MIA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame C5A0 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame BB2E 58 KB
18 KB 83ms
82ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:37:24 GMT
content-encoding: gzip
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 68935
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 6-xEHIQmQpYqosni76XKEYJRk_pkfD8tXIdr5IHc6u6gE2wdMMQnbQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame BB2E 0
458 B 101ms
98ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-t: 1.19
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpKIkD%2BPriz%2BZ8Pf9Nt%2FLk6XxNcpFP7iFMRM3D5KCffxvzK9ehn1OPEM5tv8gn1PpkyhbwyY9SzXR8fVag1jWfINRh6UUPVHPb8SDhKKL6ZSHFmZ8qKOEPs%2FPUoZHVe2slFoyNpB9GdoVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 85163de78be4daa9-MIA
expires: Tue, 06 Feb 2024 20:49:40 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame BB2E 33 KB
11 KB 83ms
81ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37166
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: n4lg17ZIHnW_mFeUJqRuBpy5wGn6UCsoz_nlLlxcjK2JT2Xbh-uj-g==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame BB2E 2 KB
3 KB 73ms
70ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame BB2E 51 B
352 B 148ms
127ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.pangkalanhdgroup.com&_ss=4fobaks2fs&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5u81&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba11eea95fef1d76915bc44e3e2710d0a52d9da4f1eaaefeff37a6162f8fd0ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-t: 0.159
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ea3Y9KVQKU0psMMMeTlE8q0L7RhV8cknDOW8FzRgG48vjb2q%2BH4h6zd4kunLL3N7yr1Ee8RPvhG0UM9YD3TistYGOwkcWT5bh5oYWHFNp%2F4IOP7LVVZogkN9WiAiyk%2B6RWBTFVcQG3AJrJ8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163de7bd8f7449-MIA
expires: Tue, 06 Feb 2024 20:46:17 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame BB2E
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=738194ba77d1b609
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&bid=1e2n4ou

70 B
440 B

61ms
59ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&bid=1e2n4ou
Requested by: Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&bid=1e2n4ou
date: Tue, 06 Feb 2024 20:46:19 GMT
server: Kestrel
content-length: 191

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame C5A0 58 KB
18 KB 70ms
69ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:37:24 GMT
content-encoding: gzip
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 68935
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: UxKnbQU3kqwhdZWOkX5umxLfn-XHUer2s_2f_z3nmwVTJEiKZ04pew==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame C5A0
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=738194ba77d1b609
https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-HLRzGs1E2pWwxe7HUKxfasIioKJ.iYK2dnU-~A

70 B
440 B

64ms
62ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-HLRzGs1E2pWwxe7HUKxfasIioKJ.iYK2dnU-~A
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 20:46:20 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-HLRzGs1E2pWwxe7HUKxfasIioKJ.iYK2dnU-~A
date: Tue, 06 Feb 2024 20:46:20 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame C5A0 0
434 B 91ms
90ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2F&r=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-t: 0.97
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oE%2BiyuXuf7Fiq7lTkYb3csFhegsbItFRtpEGxmubt%2BOeTYMyJxe7JHnklzv91vszDGb2I6aTT3F%2BCZfZkGMp8U3kXyCherMaF2JKgHTMyERNRsFBHeBxqft73FYXe%2Behy1Ts5bZqGq2tyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163de7cc84daa9-MIA
expires: Tue, 06 Feb 2024 18:25:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C5A0 33 KB
11 KB 81ms
77ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37166
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 3hf7j_7GWci9GtS9SyC_VN9CKtogpfrpYfsxADV6GYG4ep6i_KMH_w==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame C5A0 2 KB
3 KB 118ms
78ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame C5A0 51 B
333 B 118ms
115ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=3ea10jbm6h&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=1pab&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e61775ec7d86ae8f1aecec4d1dc8de7f890b76248e6ff18045a370e0986db0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:18 GMT
x-t: 0.147
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6oEMcRFtSIs1YI2gMRaEKVPuy8fhUdPe7t%2BmiOeJlfx4hs2AqDzGf414UAU5yE3RqNCmRKQDreWeUOSpeM6XhBVR9shSVAM1U7wrc2HC0pdaCNJqFdjH8z7LlLXvwzQkIlKVHxwHHGeoTI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163de7ddf47449-MIA
expires: Tue, 06 Feb 2024 20:46:17 GMT

GET
H/1.1 200
OK 4772420.php Show response
s4.histats.com/stats/ Frame E668 435 B
570 B 222ms
74ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4772420.php?4772420&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTABEL%20SHIO%20%E2%80%93%20ZONA%2088&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:134246546&@b3:1707252379&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 25e01dd55476ec28f290aaceba77669529245965594f5a3487d25c384cbd3353

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:10 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ 43 B
178 B 242ms
68ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:19 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame BB2E 50 B
463 B 96ms
74ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:01:18 GMT
via: 1.1 3f8050fbf1460156d177f2d3d6a03332.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 13501
x-amzn-requestid: fd55d571-4ddc-49f1-8592-2c495bb9e4ea
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SuTavFtbiYcEQ2w=
content-length: 50
x-amz-cf-id: m_7E-3H2vb4Z8PlGFI2MIYTvEtlcWRSkI7IoQ2erq-ZvvQcaCUpArA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame BB2E 50 B
463 B 97ms
76ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:01:18 GMT
via: 1.1 3f8050fbf1460156d177f2d3d6a03332.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 13501
x-amzn-requestid: fd55d571-4ddc-49f1-8592-2c495bb9e4ea
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SuTavFtbiYcEQ2w=
content-length: 50
x-amz-cf-id: 1MgQ7IfA5lJ7ZAzIuEtVWdJjo4uvUUHtYlQYZrilAs8XmuqSMf4VMw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame BB2E 50 B
462 B 93ms
75ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:01:18 GMT
via: 1.1 3f8050fbf1460156d177f2d3d6a03332.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 13501
x-amzn-requestid: fd55d571-4ddc-49f1-8592-2c495bb9e4ea
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SuTavFtbiYcEQ2w=
content-length: 50
x-amz-cf-id: r2Hl2QtgqmFwDpSmBzsPqRto8T2rggXetI_aJQtdjufUFijrJiHULA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame BB2E 50 B
464 B 92ms
74ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:01:18 GMT
via: 1.1 3f8050fbf1460156d177f2d3d6a03332.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 13501
x-amzn-requestid: fd55d571-4ddc-49f1-8592-2c495bb9e4ea
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SuTavFtbiYcEQ2w=
content-length: 50
x-amz-cf-id: Yl4wb6Hv3hgcQkqKphw7FdEx5GDkyP7_j2BLxvnueDJfBEwu3vhbGQ==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame BB2E 2 KB
2 KB 88ms
78ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.461152072237633&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:18 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame BB2E 42 B
265 B 91ms
76ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.461152072237633&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame BB2E 2 KB
2 KB 171ms
67ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.12017884073071095&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:19 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame BB2E 42 B
265 B 98ms
71ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.12017884073071095&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame BB2E 2 KB
2 KB 200ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2075825174944257&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:19 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame BB2E 42 B
265 B 171ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.2075825174944257&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame BB2E 2 KB
2 KB 210ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7261073077135352&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:19 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame BB2E 42 B
265 B 168ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.7261073077135352&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame 0620 15 KB
3 KB 310ms
306ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame 70AF 15 KB
3 KB 316ms
304ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame C5A0 50 B
462 B 91ms
69ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:30 GMT
via: 1.1 aaf016fef66eecea8770da00a4c0e9d6.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36409
x-amzn-requestid: b51e42cf-200a-4f39-b5b7-cede26c03fb3
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbfaH3QCYcEd6w=
content-length: 50
x-amz-cf-id: u0DeZ1DiAO0WorQWt-nlYiFIuFMrJQCY4YIOKjvGghyo6IzKrpbGnA==

GET
H3 200 wp-emoji-release.min.js Show response
vip.zona88.top/wp-includes/js/ Frame E668 18 KB
5 KB 289ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zona88.top/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/tabel-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame C5A0 2 KB
2 KB 78ms
67ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5960124965215496&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:19 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame C5A0 42 B
265 B 79ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.5960124965215496&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame BBA8 108 KB
13 KB 523ms
500ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame BB2E 5 KB
2 KB 76ms
69ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3259
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 4rQlbecd01TJ3s0HPU7PQQrxcUOHWNw-1ltAocUbV9q-Xe17Nkh-qQ==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 303A 2 KB
1 KB 76ms
74ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.461152072237633&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:19 GMT
Expires: Tue, 13 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame E668 13 KB
4 KB 84ms
12ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39013
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dea8a0f2886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E668 7 KB
4 KB 150ms
78ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4772420.php?4772420&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTABEL%20SHIO%20%E2%80%93%20ZONA%2088&@n0&@ohttps%3A%2F%2Fvip.disksusiangka.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:134246546&@b3:1707252379&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456f47f648535481ce10fdbf723b994846b5fb76dba2f337d9bca584fa548045

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
x-t: 0.294
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBWfw0ZjritXlK%2ByJU9O7ou7EUI9W%2FDZEILZuN2fJpRLFZMueyj89catWVZXo3QQBniHz3CGvEoAJUNZsW43GSAxyo8OCs1ICDa894qgWDbzFJQy4rxa9GWMU6PCIvBnfAPhYQfch%2Fjg%2Fjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163dea8a9c7449-MIA
expires: Tue, 06 Feb 2024 20:46:18 GMT

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame EEDB 108 KB
13 KB 282ms
257ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame EEDB 227 B
271 B 325ms
300ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame EEDB 2 KB
374 B 338ms
313ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame EEDB 28 KB
8 KB 338ms
311ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame EEDB 86 KB
29 KB 339ms
311ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame EEDB 13 KB
5 KB 343ms
315ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame EEDB 157 KB
26 KB 70ms
42ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317903
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame EEDB 30 KB
7 KB 92ms
64ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674345
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163dea8da17494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame EEDB 21 KB
8 KB 71ms
43ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498504
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame EEDB 62 KB
16 KB 72ms
44ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268429
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 37DC 2 KB
1 KB 113ms
74ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.12017884073071095&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:19 GMT
Expires: Tue, 13 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
BLOB 200
OK 1a693a34-e231-42ec-abb2-d6afd70ab383
https://vip.zonaprediction.com/ Frame BBA8 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.zonaprediction.com/1a693a34-e231-42ec-abb2-d6afd70ab383
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame EEDB 3 MB
3 MB 319ms
277ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame EEDB 311 B
335 B 470ms
429ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:19 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 88AE 2 KB
1 KB 83ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2075825174944257&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:19 GMT
Expires: Tue, 13 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame CF69 2 KB
1 KB 81ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7261073077135352&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:19 GMT
Expires: Tue, 13 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame EEDB 43 B
182 B 210ms
71ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame EEDB 3 KB
1 KB 288ms
285ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame EEDB 8 KB
2 KB 290ms
288ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame EEDB 6 KB
2 KB 269ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame EEDB 112 KB
34 KB 270ms
268ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame EEDB 4 KB
2 KB 285ms
282ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame A83A 2 KB
1 KB 78ms
69ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5960124965215496&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:19 GMT
Expires: Tue, 13 Feb 2024 20:46:19 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame C5A0 5 KB
2 KB 70ms
59ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3259
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: to9arxT_Tcn26h9O2CGjiIaFo6TQP9690Djfo2z5wZ7shx1ym_pDxQ==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame BB2E 41 B
337 B 67ms
57ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.pangkalanhdgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame C539 19 KB
9 KB 66ms
65ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 2D18 0
0 500ms
90ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38451
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:19 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-id: y0tm_PKZ5qBoGm74NuhYd5mVyMwHnrevS_h_UVOzUR2GuvzUusjXFw==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0620 11 KB
5 KB 99ms
34ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38041
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dec7d132886-MIA
content-length: 4547

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame BBA8 227 B
535 B 342ms
334ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 227
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame BBA8 2 KB
376 B 373ms
359ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame BBA8 28 KB
8 KB 371ms
357ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame BBA8 86 KB
29 KB 373ms
359ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame BBA8 13 KB
5 KB 372ms
358ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame BBA8 157 KB
26 KB 55ms
41ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317904
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame BBA8 30 KB
7 KB 69ms
55ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674345
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163dedcbdb7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame BBA8 21 KB
8 KB 56ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498505
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame BBA8 62 KB
16 KB 57ms
43ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268429
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame BBA8 258 KB
258 KB 484ms
470ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:20 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame BBA8 4 MB
4 MB 482ms
469ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:20 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame BBA8 53 KB
53 KB 273ms
272ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:20 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame BBA8 652 KB
652 KB 215ms
212ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:20 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame BBA8 397 KB
397 KB 400ms
397ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame BBA8 443 KB
443 KB 552ms
544ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame BBA8 829 KB
829 KB 497ms
488ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame BBA8 736 KB
736 KB 315ms
306ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame BBA8 1 MB
1 MB 291ms
283ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame BBA8 2 MB
2 MB 301ms
293ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame BBA8 2 MB
2 MB 1961ms
1954ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame BBA8 733 KB
733 KB 404ms
397ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame BBA8 2 MB
2 MB 399ms
392ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame BBA8 812 KB
812 KB 443ms
437ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame BBA8 659 KB
659 KB 237ms
230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame BBA8 1 MB
1 MB 243ms
237ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame BBA8 718 KB
718 KB 307ms
301ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame BBA8 309 KB
309 KB 399ms
393ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame BBA8 1 MB
1 MB 339ms
333ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame BBA8 173 KB
173 KB 491ms
486ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame BBA8 986 B
1 KB 224ms
72ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 67cc1db403b43f83b5d02441291a021f39b07128362ff83fa8311db539608b46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
ETag: 1310481723
Content-Length: 986
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame BBA8 65 KB
65 KB 471ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame BBA8 8 KB
2 KB 619ms
617ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame BBA8 6 KB
2 KB 395ms
386ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame BBA8 112 KB
34 KB 631ms
622ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame BBA8 4 KB
2 KB 1126ms
1117ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 635E 19 KB
9 KB 91ms
90ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:19 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 2731 19 KB
9 KB 77ms
76ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame EC50 19 KB
9 KB 75ms
74ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 70AF 11 KB
5 KB 91ms
37ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38042
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163def7a502886-MIA
content-length: 4547

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame E668 58 KB
18 KB 82ms
69ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:37:24 GMT
content-encoding: gzip
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 68937
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Y6r9ycL0s6hYKnEoH0O1H-86myd6iE8ayrD7IFNrq6TK8MYgHZihgQ==

GET
H2

200

mw
mwzeom.zeotap.com/ Frame E668
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&icm&gdpr=0&gdpr_consent=&cver
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-ZNzuXpVE2pR6ksOAU.DVmnZab6u1atiUTA--~A&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=4898902a0626ab70/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=4898902a0626ab70/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=1ef63964d0079f7f2fddeaf925caff58&gdpr=0
https://spl.zeotap.com/?zdid=1332&zcluid=4898902a0626ab70
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=3666c9fe-bb12-41d5-721c-970db651eb88&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEOMR4wNwYY48KUvhE1OwPlw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=3666c9fe-bb12-41d5-721c-970...

95 B
165 B

177ms
147ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEOMR4wNwYY48KUvhE1OwPlw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=3666c9fe-bb12-41d5-721c-970db651eb88&zcluid=4898902a0626ab70&zdid=1332

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://vip.zona88.top
access-control-allow-credentials: true
cf-ray: 85163df95d8f09b2-MIA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEOMR4wNwYY48KUvhE1OwPlw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=3666c9fe-bb12-41d5-721c-970db651eb88&zcluid=4898902a0626ab70&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E668 0
460 B 106ms
94ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&r=https%3A%2F%2Fvip.disksusiangka.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-t: 1.34
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXe6eoMZDxYBBwOvJqkppp4hiPjr9BNLdfDQejZTx%2BPeeLPxu%2BJBQMf3ctNx2bbKukUjlUk%2FuL0PlKiwpmMlHO%2BmB%2FZtAFNcW3i3Bhx1ygYgTEZNFna2YKxkgKuJwWIrm8ueHwCQFAexQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 85163def9a0ddaa9-MIA
expires: Tue, 06 Feb 2024 20:46:56 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E668 33 KB
11 KB 78ms
67ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37168
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: -sPiGP51YC1-UmMGa60mwPu4JrX-KJ9-JvA6X9etVaGk1JlpoE8SXQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame E668 2 KB
3 KB 77ms
70ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E668 51 B
392 B 126ms
116ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zona88.top&_ss=7d3kn94kby&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=lrgu&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8add752d99641fa39ddc6d9bff8feec4497f2343330e22ac9eb28de238e32ed9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
x-t: 0.128
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QOMOJW1GM5RbSFtJXAR3vdN1%2FIDbwvyS8rY3Wa4pPyXjKBtyP%2B%2FXav9Y0iJwWZPQ%2FCgAvHMzJ73aP3qeAVl6UEoypc0KaVKNDRCDGB6unF8Q5H93Dfw%2Fq7tljBMuz63Nao4ZpktjjHezIk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163def8b2d7449-MIA
expires: Tue, 06 Feb 2024 20:46:19 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame BB2E 4 KB
1 KB 240ms
108ms XHR
application/json 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
via: 1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: Tq9v8pEF5Asma7FLt_4_OZNyjbPwTs1RmILrmU61A3N0I9927pXXSA==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame F149 19 KB
9 KB 74ms
71ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
H2 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E668 230 B
540 B 136ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E668 231 B
542 B 135ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=91940
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

250ms
57ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:20 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 623944
expires: Tue, 06 Feb 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Tue, 06 Feb 2024 20:46:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame C5A0 41 B
336 B 67ms
58ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame C539 0
289 B 65ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252379180&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&cc=US&cont=NA&evid=YO_KA2YAGWv4a3rwbAPd&urls=&rnd=1707252380571&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=1053

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame EEDB 135 KB
135 KB 262ms
260ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:20 GMT

GET
DATA 200
OK truncated
/ Frame EEDB 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 0620 434 B
569 B 206ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-31477542&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 346eddca5c9a88267082afb80096b1d66a203b40fb99f0c8fbaf58f8dcccec99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:12 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 livejapan.php Show response
w1.bungaprediction.com/ Frame 6746 854 B
790 B 1143ms
344ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livejapan.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

4b4a0d0430b249777e04d3c0505da2f43e214a395395ed337f52828f89f9c8c9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 414
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:21 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame EEDB 11 KB
4 KB 49ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38042
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df30fcc2886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.roomangkasa.top/ Frame 18E0 10 KB
2 KB 268ms
263ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:20 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame A1B6 112 KB
25 KB 381ms
379ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

c737e2159fdf3d4f1c8630bc34285e55cf0daa3ff30c976954beac04ba97e391

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:20 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame BB2E 695 B
2 KB 288ms
143ms XHR
application/json 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ffaaefe0cbf4e49f66e58bf7e431e6f214b1b722ddc8d92f5825f79ac7c1b686

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vip.pangkalanhdgroup.com
cache-control: no-cache
x-server: 10.40.58.118
access-control-allow-credentials: true
content-length: 695
expires: 0

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame EEDB 75 KB
76 KB 47ms
45ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 2
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163df32e004c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 2731 0
289 B 75ms
74ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252379267&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&cc=US&cont=NA&evid=NQ_KA2YABW3NM9PptVtv&urls=&rnd=1707252380688&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=711

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 70AF 434 B
569 B 212ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-154823289&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:12 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 70AF 434 B
569 B 222ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:51997771&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:12 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 70AF 434 B
569 B 212ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-21598131&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:12 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4791498.php Show response
s4.histats.com/stats/ Frame 70AF 434 B
569 B 214ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:65377106&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:12 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame EC50 0
289 B 67ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252379262&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&cc=US&cont=NA&evid=yQ_KA2YAu9j7zq-Uxw-m&urls=&rnd=1707252380729&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=716

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 635E 0
289 B 71ms
70ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252379236&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&cc=US&cont=NA&evid=MR_KA2YASM8p2iAIJkXx&urls=&rnd=1707252380754&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=790

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F149 0
289 B 72ms
71ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252379308&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&cc=US&cont=NA&evid=hS_KA2YAF9qh1lwUx2lB&urls=&rnd=1707252380836&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=645

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/prediksi-singapore/ Frame B214
Redirect Chain

https://vip.badutprediction.info/prediksi-singapore
https://vip.badutprediction.info/prediksi-singapore/

306 KB
39 KB

482ms
481ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/prediksi-singapore/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

40a081108c6cee2833b2b95606e80bbe2d6e846f444b00718b7930b7829663e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/live-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:21 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/59>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=59>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:21 GMT
location: https://vip.badutprediction.info/prediksi-singapore/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame E668 2 KB
2 KB 70ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.38716489649573327&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:20 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame E668 42 B
265 B 73ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.disksusiangka.info%2F&event_source=dtscout&rnd=0.38716489649573327&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:20 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame E668 50 B
463 B 71ms
70ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 17:01:16 GMT
via: 1.1 4d8384431ad0b8e60c79585b2d139316.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 13504
x-amzn-requestid: b1da36b4-f9cd-4676-a21b-53dcdc08832c
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: SuTafHuOiYcEJtA=
content-length: 50
x-amz-cf-id: fBUtyqQMZ2yXZAUP-3SPSp80CveDmJ9h-cr9nDdpilDbVoRnbo5t-Q==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame FEAF 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252377430&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&rdn=vip.disksusiangka.info&rpn=%2F&rqs=na&cc=US&cont=NA&evid=ci-KA2YAR7cnZ92EOPu-&urls=!1!663!b-13j,!0!723!b-13l,!1!558!b-14s,!1!0!b-14t,!1!523!b-150,!1!544!b-16f&rnd=1707252380957&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=160&bcnLcy=266

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame BBA8 11 KB
5 KB 50ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38042
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df52b712886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.zonafantasi.info/ Frame 4093 12 KB
3 KB 928ms
272ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:21 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 18E0 15 KB
4 KB 355ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:21 GMT

POST
H2 200 a
a.dtssrv.com/ Frame BB2E 0
441 B 214ms
77ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=10401707252376755089DB59665E5F0C&k=lotpano&v=5584ef88c587532ec6fe65739cfca9fb927a5d76d379a18f60677ec70c82bac9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO7ppfL%2BI2bke0G%2BL3R6a7dRLr9xo39A5p5jL5G6K9Va6q2Oxs6fXjRxMN%2BsNG1L9YZ9IKQTdpoX9PYW7tamMn9ffLF9Bn8cNc4U5nc8RsSIdvlNU%2BfRWCNOf7zONSwvlQySf2WlglI3MIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85163df63da13370-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame AC57 2 KB
1 KB 62ms
58ms Document
text/html 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65436
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 02:35:46 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
x-amz-cf-id: KLk8T4-I95lk7-LJsEdpjgq0rxqaP-L5IGIDCnyHvQ2GV-3fDwPXRw==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame BBA8 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame BBA8 75 KB
76 KB 60ms
59ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163df5897b4c02-MIA
cdn-requestpullsuccess: True

GET
H2

200

/ Show response
vip.poltar2d.info/paito-warna-japan/ Frame 7CCC
Redirect Chain

https://vip.poltar2d.info/paito-warna-japan
https://vip.poltar2d.info/paito-warna-japan/

273 KB
38 KB

747ms
746ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-japan/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ba1fad2e527d9a21b5a176633d21ce76fb67ceef7ffccd19e3a0d08d57bdf6e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:23 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/101>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=101>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:22 GMT
location: https://vip.poltar2d.info/paito-warna-japan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 db_sync
px.ads.linkedin.com/ 0
142 B 103ms
91ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=45939&pu=
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 936B7D010B95458E8216103AC18AB694 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKu5O3a+S7hZLLTuRQ==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame BB2E 43 B
177 B 85ms
73ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 0620 22 KB
12 KB 53ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22804
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df66d442886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0620 7 KB
4 KB 134ms
127ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-31477542&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 485d1be278e4f523a0629cb12941d590f165dfb43e9a760cc70a498b5f77c141

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.576
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjLEmk41OuoaMtRVhnLJtU5tTzrx8Bs8I6Tpf1bW5I9XCbDNmSmsLbMKSydnLtm2VNZmsf9Tj%2BZjMlC%2FlFfj7RrZ9YQ1T4BuBRgezDRhNYqJSW9o75L4dDzY6gfENQ%2F58xAtucGpFA5qfBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163df669127449-MIA
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame EEDB 435 B
570 B 211ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20JAPAN%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-72444730&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 37035c1d5c6a6665bbecad4b74b04fcb37857c523db8f9a70bce3cbaa320ece3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:13 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 70AF 13 KB
4 KB 50ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39015
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df68d782886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 70AF 7 KB
3 KB 128ms
125ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4791498.php?4791498&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zona88.top%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-154823289&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59830e5a090fd0aec722e32f7d97e4d9d5e311ae955613b8f6aeb91aa9bea5ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.259
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5u8VMLjKqIVz6qSF%2BU3ROv%2F3QiCp13b1NvVmIT0E54Ssy9vLDiuCScQ%2BD8jMteAxnCOVif4GEQlKNFc3tsJX0NJsUXcz0e2OM87T4dfFOIml6ZSli9qidIw9Vz%2Bcl%2B2wTQVWRqbQfesvyA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163df689507449-MIA
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame D40D 2 KB
1 KB 83ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.38716489649573327&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:21 GMT
Expires: Tue, 13 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame A1B6 108 KB
13 KB 428ms
411ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame A1B6 227 B
284 B 353ms
336ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame A1B6 2 KB
353 B 400ms
382ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame A1B6 28 KB
8 KB 402ms
385ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame A1B6 86 KB
29 KB 531ms
514ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame A1B6 13 KB
5 KB 641ms
624ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A1B6 157 KB
26 KB 51ms
44ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317905
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A1B6 30 KB
7 KB 56ms
48ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674347
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163df6baf17494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A1B6 21 KB
8 KB 52ms
45ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498506
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A1B6 62 KB
16 KB 52ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268431
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame EEDB 18 KB
5 KB 267ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/live-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame BBA8 436 B
571 B 208ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:189257310&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 1aee5e3b9b30ee8fced193e8e3c8e441fb349e5b94b5c0c60836e323f797ef98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:13 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 48E5 19 KB
9 KB 73ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:21 GMT

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 7B54 3 KB
3 KB 63ms
61ms Document
text/html 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c6f55743ea2b0c875538ff0edd6fd97c00c7722b50105e06d0ca0bee32d0344c

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3154
content-type: text/html
date: Tue, 06 Feb 2024 20:46:21 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.15.183

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 0620 58 KB
18 KB 77ms
72ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:37:24 GMT
content-encoding: gzip
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 68938
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: IZJbyHePbykimWHZhFjhsvU6QTuLWylJwmzaOfUPekTTdxeNEDKbwg==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 0620 35 B
247 B 139ms
138ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 0620 0
453 B 94ms
87ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.95
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aK7r7uqhms%2FACKebpefjlxlrqsuzvT9k2WNgEJtqBhemlZLfQ%2F17vBC3UmJ9pftbSIOwGc9FvoYMg6Kuvli0lghfjoUvpEY4tE2lEBximwweFBho%2FHU2lw4uGwTgfKo6z3d1Me654aKf7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163df8284fdaa9-MIA
expires: Tue, 06 Feb 2024 20:20:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0620 33 KB
11 KB 162ms
155ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37169
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: VkzujOsHABOO1v9EVWo0H3T5pMbXxGalzYF5ND_41wIKo3TzpLPLvw==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 0620 2 KB
3 KB 75ms
72ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 0620 51 B
349 B 127ms
119ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=6qwc6mlfpf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5clm&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9703cee88e48a3844d0b23a29d0517950f0c237f0bf1b8cae95cf6e9f419e6ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.189
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmQE1phVy8FB7E02mEtX2DFMxVmeOO4Tycpm43QWJbG2jT3%2Bnr9uso9o2exyASIZFq3MELKsHejoeB6FqyM977m672EPU2jnM1TJwxnFsRW8Ow2MZCp%2FdmBKkUeau83YY8bowtIatojoGiE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163df82d117449-MIA
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame A1B6 258 KB
258 KB 437ms
435ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame A1B6 4 MB
4 MB 310ms
308ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:21 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame A1B6 53 KB
53 KB 225ms
224ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame A1B6 652 KB
652 KB 286ms
285ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame A1B6 397 KB
397 KB 270ms
266ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame A1B6 443 KB
443 KB 598ms
573ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame A1B6 829 KB
829 KB 593ms
569ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame A1B6 736 KB
736 KB 742ms
718ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame A1B6 1 MB
1 MB 485ms
461ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame A1B6 2 MB
2 MB 244ms
223ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame A1B6 2 MB
2 MB 1837ms
1816ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:23 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame A1B6 733 KB
733 KB 583ms
562ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame A1B6 2 MB
2 MB 296ms
276ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame A1B6 812 KB
812 KB 577ms
557ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame A1B6 659 KB
659 KB 657ms
636ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame A1B6 1 MB
1 MB 250ms
230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame A1B6 718 KB
718 KB 650ms
628ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame A1B6 309 KB
309 KB 220ms
198ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame A1B6 1 MB
1 MB 647ms
625ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame A1B6 173 KB
173 KB 279ms
258ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame A1B6 986 B
1 KB 222ms
68ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 67cc1db403b43f83b5d02441291a021f39b07128362ff83fa8311db539608b46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
ETag: 1310481723
Content-Length: 986
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame A1B6 65 KB
65 KB 558ms
536ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame A1B6 8 KB
2 KB 388ms
362ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame A1B6 6 KB
2 KB 388ms
363ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame A1B6 112 KB
34 KB 388ms
363ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame A1B6 4 KB
2 KB 423ms
398ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E668 5 KB
2 KB 62ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3261
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: OJgpdZPMulBoTBuJxHxn9cCE1o5SY3vjSpFRWW0_VwtqPPAvZcM0Lg==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 70AF 35 B
247 B 272ms
136ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 70AF 0
561 B 96ms
94ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.zona88.top%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 1.7
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRzT%2F0JADiBrFJmk0XkYL8cYcBb%2BI2RS%2BDSruo5%2FIjIOszXIlIvnDf5uUG%2BAdZ4S35vuEkn5FCbZRbkhVq%2FwJR8bITFk10xRoVUv1naAUEJ%2F8%2Bs%2BZpK9LqjWThCjrmVU07wz36cNLew5HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85163df8589ddaa9-MIA
expires: Tue, 06 Feb 2024 19:52:13 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 70AF 33 KB
11 KB 129ms
128ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37169
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: mqMcSU8TZxCcydFKeZRlA_6FWYm0JLJ8_ILe4KWKL9ozvcPH6q68Jg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 70AF 2 KB
3 KB 70ms
69ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 70AF 0
286 B 124ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.pangkalanhdgroup.com&_ss=4fobaks2fs&_pv=2&_ls=3&_cc=us&_pl=d&_b=chrome%40121&_cbid=2b2g&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.pangkalanhdgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.zona88.top%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.103
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQqNnowwtpn0msbOiTv9YupaYuBvzApT8CYHSk7rDr9KzIbUJAzQ4XT8otYQwxZdh4Vw%2BKEbcao3cW4Qfizt2%2Frb9%2BG7CImc7KUrciJDHK8poVIkSokYZWmEqjMyjcCCJ1I3vODrGW2%2FjXc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163df85d5c7449-MIA
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 18E0 11 KB
5 KB 53ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38043
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df878392886-MIA
content-length: 4547

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame C5A0 43 B
177 B 78ms
77ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 7B54
Redirect Chain

https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0
https://cm.smadex.com/pixel?sm_did=lotame&gdpr=0&sm_tc=
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=L0RCUWtYaUdSNTJlemcyczZkbklpUT09&sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt
https://cm.smadex.com/sync?sm_p=dc&sm_r=lotame,lotame,bds,rbc,tl,smt
https://sync.crwdcntrl.net/qmap?c=13745&tp=SMDX&tpid=fc305091-7886-479d-9ece-0dace9d9c889&d=https%3A%2F%2Fcm.smadex.com%2Fsync%3Fsm_p%3Dlotame%26sm_r%3Dlotame%2Cbds%2Crbc%2Ctl%2Csmt
https://cm.smadex.com/sync?sm_p=lotame&sm_r=lotame,bds,rbc,tl,smt
https://x.bidswitch.net/sync?dsp_id=340&user_id=fc305091-7886-479d-9ece-0dace9d9c889&expires=10
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
360 B

340ms
83ms

Image
text/plain

70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

HTTP/1.1

Server

70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 148c0cd7c191f2840db84a95dc642741
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Tue, 06 Feb 2024 20:46:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 7B54
Redirect Chain

https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0
https://x.bidswitch.net/ul_cb/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdp...
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=0

49 B
265 B

67ms
62ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.134
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=d3b8af45-018e-46b0-a9b0-4ac2e187a487&gdpr=0
Date: Tue, 06 Feb 2024 20:46:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

m
cm.mgid.com/ Frame 7B54
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=1ef63964d0079f7f2fddeaf925caff58
https://cm.mgid.com/m?c=1ef63964d0079f7f2fddeaf925caff58&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
158 B

101ms
69ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?c=1ef63964d0079f7f2fddeaf925caff58&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Requested by

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 85163dfa78ad2260-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=1ef63964d0079f7f2fddeaf925caff58&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 85163df9bfb02260-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 7B54
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=1ef63964d0079f7f2fddeaf925caff58
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=1ef63964d0079f7f2fddeaf925caff58&dcc=t

43 B
855 B

85ms
80ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=1ef63964d0079f7f2fddeaf925caff58&dcc=t

Requested by

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2PGE8NSGCKPQHKZEBKFF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YGMJHEN98NGSNFAQ0K16
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=1ef63964d0079f7f2fddeaf925caff58&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
wt.rqtrk.eu/ Frame 7B54 43 B
350 B 258ms
74ms Image
image/gif 51.222.241.100
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=512089906&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=1ef63964d0079f7f2fddeaf925caff58
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.241.100 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-011.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 43
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3314857305076316538/gdpr=/ Frame 7B54
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1040
https://c1.adform.net/serving/cookie/match?CC=1&party=1040
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3314857305076316538/gdpr=/gdpr_consent=

49 B
265 B

70ms
68ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3314857305076316538/gdpr=/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.240
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3314857305076316538/gdpr=/gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B54
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0
https://id5-sync.com/c/19/19/9/1.gif?puid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/19/2/7/3.gif?puid=6740019904450003240&gdpr=0&gdpr_consent=
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F6%2F4.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/6/4.gif?puid=4345328060373329827&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
https://rtd-tm.everesttech.net/ct/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F5%2F5.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=ZcKanwAACtYtYwBB
https://id5-sync.com/c/19/136/5/5.gif?puid=ZcKanwAACtYtYwBB&gdpr=0&gdpr_consent=
https://sync.sharethis.com/id5?uid=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F4%2F6%2Fgif%2F0%2F0%2F0%2F0%2F
https://id5-sync.com/a/19/121/4/6/gif/0/0/0/0/ZHsABWXCmpkAAAAICHS3Aw==
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F3%2F7.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=f75764f8927cdffa90d6a9c7ccc7c3e1&redir=https://id5-sync.com/c/19/321/3/7.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0
https://id5-sync.com/c/19/321/3/7.gif?puid=5dpDOVSV99YvMzJk
https://sync.crwdcntrl.net/map/c=2831/tp=GDMP/gdpr=0/gdpr_consent=?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&id5id=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmd...
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MWVmNjM5NjRkMDA3OWY3ZjJmZGRlYWY5MjVjYWZmNTg&id5id=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg

170 B
188 B

86ms
83ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MWVmNjM5NjRkMDA3OWY3ZjJmZGRlYWY5MjVjYWZmNTg&id5id=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg

Requested by

Protocol

Server

142.250.81.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:25 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MWVmNjM5NjRkMDA3OWY3ZjJmZGRlYWY5MjVjYWZmNTg&id5id=ID5-08bd33EX3K6-stFfjY5i-5dY3zW9rXgmdNQuN_SoAg
cache-control: no-cache
x-server: 10.40.11.56
content-length: 0
expires: 0

GET
H2

200

insync
thrtle.com/ Frame 7B54
Redirect Chain

https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58
https://thrtle.com/insync?gdpr=0&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_pid=12&vxii_pid1=10014&vxii_rcid=92218228-39bc-478f-b82a-f4e5b53fbe91

43 B
294 B

79ms
67ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_pid=12&vxii_pid1=10014&vxii_rcid=92218228-39bc-478f-b82a-f4e5b53fbe91
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:21 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_pid=12&vxii_pid1=10014&vxii_rcid=92218228-39bc-478f-b82a-f4e5b53fbe91
date: Tue, 06 Feb 2024 20:46:21 GMT
content-type: text/html; charset=utf-8
content-length: 189
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H/1.1

200
OK

41715
i6.liadm.com/s/ Frame 7B54
Redirect Chain

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=1ef63964d0079f7f2fddeaf925caff58
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=1ef63964d0079f7f2fddeaf925caff58

43 B
548 B

272ms
69ms

Image
image/gif

2600:1f18:ed:550f:6f5e:c54f:5770:5695
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=1ef63964d0079f7f2fddeaf925caff58

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:6f5e:c54f:5770:5695 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=1ef63964d0079f7f2fddeaf925caff58
Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 7B54
Redirect Chain

https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0
https://match.prod.bidr.io/cookie-sync/lotame?gdpr=0&_bee_ppp=1
https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAAdYU7LhTUAABKHLbqwlg&gdpr=0

49 B
264 B

76ms
67ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAAdYU7LhTUAABKHLbqwlg&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.60.32
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=9130&tp=BEES&tpid=AAAdYU7LhTUAABKHLbqwlg&gdpr=0
Date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 7B54 43 B
433 B 452ms
161ms Image
image/gif 18.238.4.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=1ef63964d0079f7f2fddeaf925caff58
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-107.phl51.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Via: 1.1 134fb7548a823d9dbc3efc247941f8ec.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.24.0
X-Amz-Cf-Pop: PHL51-P1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: tTQDGeyQs_a0KZ5VnqTTHbrInp__PbBpBPxqLZxey4g3bVrTx21WRQ==

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 7B54 43 B
412 B 320ms
76ms Image
image/gif 2a04:4e42::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-vcl-time-ms: 32
date: Tue, 06 Feb 2024 20:46:22 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 30502
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mia-kmia1760029-MIA
pragma: no-cache
server: nginx
x-timer: S1707252382.150516,VS0,VE32
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 7B54
Redirect Chain

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=59cd90ee-d211-468e-b888-2b0791cd9acc&gdpr=0

49 B
264 B

76ms
66ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=59cd90ee-d211-468e-b888-2b0791cd9acc&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.53.47
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=59cd90ee-d211-468e-b888-2b0791cd9acc&gdpr=0
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'

GET 7
sync.search.spotxchange.com/audience_sync/ Frame 7B54 0
0

GET
H2 204 /
loadus.exelator.com/load/ Frame 7B54 0
324 B 260ms
61ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=1ef63964d0079f7f2fddeaf925caff58&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 7B54 0
544 B 1430ms
1140ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:1ef63964d0079f7f2fddeaf925caff58
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.71.11.141 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2

200

5386
tags.bluekai.com/site/ Frame 7B54
Redirect Chain

https://pixel.onaudience.com/?mapped=1ef63964d0079f7f2fddeaf925caff58&partner=104&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=2fbb3745df757273
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=

62 B
305 B

193ms
149ms

Image
image/gif

23.37.113.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 23.37.113.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-113-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 20:46:22 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/5386?id=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3&gdpr=0&gdpr_consent=
date: Tue, 06 Feb 2024 20:46:22 GMT
server: Kestrel
content-length: 221

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7B54 0
44 B 312ms
44ms Image
text/plain 3.230.91.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=1ef63964d0079f7f2fddeaf925caff58
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.91.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-91-215.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
server: awselb/2.0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 7B54
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214350604784008746070&gdpr=0&gdpr_consent=

49 B
264 B

68ms
68ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214350604784008746070&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.55.48
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
via: 1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: PHL50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=214350604784008746070&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 6OjuTJHpZmvJV6x1IXQ7z9OEy6voc06XMbgxn6GApupgBl9Hg7J9WA==
expires: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 7B54
Redirect Chain

https://ce.lijit.com/merge?pid=5001&3pid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&location=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5436%26tp%3DSVRN%26tpid%3D%5BSOVRNID%5D%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=IHj-ASZHA5mXSqTcSkShkITv&gdpr=0

49 B
265 B

547ms
547ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=IHj-ASZHA5mXSqTcSkShkITv&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.11.117
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5436&tp=SVRN&tpid=IHj-ASZHA5mXSqTcSkShkITv&gdpr=0
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 7B54 0
673 B 451ms
58ms Image
text/plain 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 382416.gif
idsync.rlcdn.com/ Frame 7B54 42 B
60 B 96ms
87ms Image
image/gif 35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=1ef63964d0079f7f2fddeaf925caff58&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

rand=275639704
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/ Frame 7B54
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=275639704
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=275639704

49 B
264 B

70ms
61ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=275639704
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=159%2C158%2C155%2C153%2C150%2C145%2C135%2C125%2C122%2C121%2C115%2C108%2C105%2C103%2C100%2C92%2C89%2C80%2C65%2C43%2C31%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.57.23
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
an-x-request-uuid: 6cd4f6b8-929c-4495-806d-6e51edb896db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=275639704
x-proxy-origin: 38.132.118.71; 38.132.118.71; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame EEDB 22 KB
12 KB 55ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22804
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df8c8c22886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame EEDB 7 KB
3 KB 115ms
112ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20JAPAN%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-72444730&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057d4c865e97766babef8362734f34a38bf03fe1e4a03132bb35fa7dbe12dfd3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kvcOTZKcZoZKQfGXWHqae8zKe%2FWc29%2F9fKLoQBIFA0U3lpaqfxYDj9qBkcU%2B42kB5c%2F%2BLHGcNBkTfhQ7ujMPbqd5afX%2FzNg6S%2FiJ0xEThelBpZXD4S3kn0DnPt9Jm4WINA7i3RI9sR7pxjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163df8ce3d7449-MIA
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 48E5 0
289 B 68ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252381182&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.disksusiangka.info&pn=%2F&qs=na&cc=US&cont=NA&evid=fe_KA2YACPuJF9xNuBeQ&urls=&rnd=1707252381604&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=211&bcnLcy=195

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:21 GMT

GET
H2 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame EEDB 230 B
540 B 38ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame EEDB 231 B
541 B 38ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame BBA8 13 KB
4 KB 45ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39015
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163df969f92886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame BBA8 7 KB
3 KB 123ms
121ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:189257310&@b3:1707252381&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05757f152d257c0b6082f4ec4e4213b9c699bf985dc800fedbb7509fed41ced9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 0.282
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJFiJLBk8YrMkARt40Vrvx2ql6BGPIIWn2zFR%2BUuZ%2B7t%2BN1%2BxTUnPJMINLNHR%2FCeaNU6JpWJjypgUEs2vIptp3zRgnSZ4elvkqe2Q1QAH%2FyXQkD0IN0L1SUS%2Bu2gMpXuO7hDlZ8SfJBJ1Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163df96f337449-MIA
expires: Tue, 06 Feb 2024 20:46:20 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 0620 2 KB
2 KB 68ms
67ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5095728428628763&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:21 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 0620 42 B
265 B 70ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.5095728428628763&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame E668 41 B
329 B 73ms
70ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zona88.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=43995
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
493 B

204ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:22 GMT

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame B0B6 0
0 70ms
68ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=5759
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:21 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
x-amz-cf-id: 9kL4aBxfAgypdXhrOYQDJvlQ64tuqo27VkmZNoEk2VnPUanBW_VfTQ==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 70AF 2 KB
2 KB 70ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3060137822603466&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:21 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 70AF 42 B
265 B 71ms
67ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zona88.top%2F&event_source=dtscout&rnd=0.3060137822603466&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 70AF 2 KB
2 KB 68ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.1245813515360652&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:21 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 70AF 42 B
265 B 72ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zona88.top%2F&event_source=dtscout&rnd=0.1245813515360652&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 70AF 2 KB
2 KB 66ms
64ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.40713765916097877&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:21 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 70AF 42 B
265 B 72ms
70ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zona88.top%2F&event_source=dtscout&rnd=0.40713765916097877&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 70AF 2 KB
2 KB 68ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5788980591681712&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:21 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 70AF 42 B
265 B 70ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zona88.top%2F&event_source=dtscout&rnd=0.5788980591681712&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.pangkalanhdgroup.com
URL: https://vip.pangkalanhdgroup.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 18E0 434 B
569 B 212ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-47375613&@b3:1707252382&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 346eddca5c9a88267082afb80096b1d66a203b40fb99f0c8fbaf58f8dcccec99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:13 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 70AF 5 KB
2 KB 64ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3261
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: zNVDMbnAPvlmbqF74_ikbSumI-2uEmgUbASA2VUhr2jBqmEjVZdefg==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 0620 50 B
463 B 73ms
71ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:32 GMT
via: 1.1 a57d2f9cdddfdb2c5779462e97c9c00c.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36409
x-amzn-requestid: cd5ff6d7-2702-44b2-b8c4-10f23cd53d56
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbfuG7YCYcEvlQ=
content-length: 50
x-amz-cf-id: ux9BAvd0nrQk8RdNgw_gGzim5l2iyQevZT3Pj_PrWm7I_2iPuF0wGA==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame EEDB 35 B
247 B 146ms
138ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame EEDB 0
435 B 208ms
188ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
x-t: 1.31
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQYkW%2B70RMYYwpTMaPxwzLiJl3xpYxswO5zvghvBP8Jat9JkGuofGtcn2qWylONBSnFxI0JSv3xA75Pf1kUkYqjb5ShcN0DX3MeSU%2BkhkQtFbrLZLYlt3hXuh4sG%2FPl%2FzIb5PX7tO5R3yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163dfb2db0daa9-MIA
expires: Tue, 06 Feb 2024 20:43:49 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame EEDB 33 KB
11 KB 85ms
65ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37169
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: guRfDG5wBh7du_lpx5Z0iiO_-c9NQ1UT12U8xN0oga6XqAGZYDKMfQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame EEDB 2 KB
3 KB 76ms
69ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame EEDB 0
343 B 129ms
109ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=3ea10jbm6h&_pv=2&_ls=3&_cc=us&_pl=d&_b=chrome%40121&_cbid=705u&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-t: 0.114
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypeUBvxf0fBxwhzCsf7FPLAKb3%2BbOEDxHevTTmsBqhhJkJSGMRcdfZNIr6Y19l98d96aMtcsa6edvUGGx3xH54wHBbaum7TF%2FdQVNISUYP5OC%2BiQ1%2FMD2pC5xiOrfAyl%2Fn%2FbJvay9%2Fh%2BniQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163dfb3a217449-MIA
expires: Tue, 06 Feb 2024 20:46:21 GMT

GET
H2 200 tpid=10401707252376755089DB59665E5F0C
bcp.crwdcntrl.net/5/c=3825/tp=DTSC/ Frame EEDB 49 B
464 B 99ms
79ms Image
image/gif 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401707252376755089DB59665E5F0C
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.63.210
content-length: 49
expires: 0

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame B214 108 KB
13 KB 289ms
284ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame B214 227 B
271 B 293ms
289ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame B214 2 KB
374 B 294ms
289ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame B214 28 KB
8 KB 294ms
290ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame B214 86 KB
29 KB 301ms
297ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame B214 13 KB
5 KB 307ms
303ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame B214 157 KB
26 KB 39ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317906
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B214 30 KB
7 KB 55ms
51ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674347
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163dfb3a657494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame B214 21 KB
8 KB 43ms
39ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498507
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame B214 62 KB
16 KB 40ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268431
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame B214 3 MB
3 MB 288ms
284ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H2 200 c9909588ae3588972282bf5ece5e1874
secure.gravatar.com/avatar/ Frame B214 4 KB
5 KB 42ms
34ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c9909588ae3588972282bf5ece5e1874?s=50&d=mm&r=g
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0524a3491b289fad4b9fc645b2d34c6f47df901791f1c988647ffca5e52324e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:22 GMT
last-modified: Thu, 03 May 2018 11:29:34 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="c9909588ae3588972282bf5ece5e1874.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/c9909588ae3588972282bf5ece5e1874?s=50&d=mm&r=g>; rel="canonical"
content-length: 4405
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:22 GMT

GET
H2 200 81f019efc01a267e92ba94ecc6392d26
secure.gravatar.com/avatar/ Frame B214 6 KB
7 KB 40ms
33ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=50&d=mm&r=g
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 28dc86dba75a5075310cc18d0ba68a75e400d76857723eae8e4de6b898fce188

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:22 GMT
last-modified: Thu, 07 Sep 2023 03:56:58 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="81f019efc01a267e92ba94ecc6392d26.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=50&d=mm&r=g>; rel="canonical"
content-length: 6584
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:22 GMT

GET
H2 200 live-draw-japan.php Show response
rankcrack.com/ Frame 2810 654 B
768 B 1341ms
1182ms Document
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/live-draw-japan.php
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livejapan.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6a8d1efba700909c8dd09504eca8f57fc3d2cb22f0f40c446559262f96782c

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85163dfd2fef4972-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MH8SubwxbD3jb7ekq1UdUIINvA7J6MGzEGW%2FtZ%2FT%2Fv7RXt8I0rlK3ENKB1o2dPKkLVYwFmGDCv819vfTARHtxDCd7SPgeWWFFRDUh21B5ZrYlx6rar65nBLIAn0n8%2BGFJRnH9xsK4PZMuGA"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6746 11 KB
4 KB 48ms
48ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livejapan.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38043
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dfb5d6d2886-MIA
content-length: 4547

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 7768 2 KB
1 KB 105ms
68ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5095728428628763&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:22 GMT
Expires: Tue, 13 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
DATA 200
OK truncated
/ Frame EEDB 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame B214 311 B
338 B 227ms
226ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:22 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame B214 43 B
182 B 205ms
67ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame BBA8 58 KB
18 KB 78ms
72ms Script
text/javascript 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 01:37:24 GMT
content-encoding: gzip
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 68939
etag: W/"eb52f900499b46d1088df97dad487c73"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: xPfDQ936nYdp98BnYJAPurQYb_ouHEGDfZntRCO-t7tEvMsXukrLiA==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame BBA8 35 B
247 B 188ms
142ms Image
image/gif 141.94.171.213
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=10401707252376755089DB59665E5F0C
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.213 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-5.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame BBA8 0
441 B 103ms
99ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-t: 2.61
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR%2FE782SKSABiSc50kfPULqyRYs3Nqcfi5pVVajzQ477UH8F3F0FLe%2BdQQ%2BV7MRmQtZsUkG976b6SQAUZtSxmTgJvpBafmNI7QkU2aCBmLt0VEa27OHE%2FcFFYHZzqYiY7Qgy9zbvuKe5ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85163dfbced0daa9-MIA
expires: Tue, 06 Feb 2024 19:52:14 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame BBA8 33 KB
11 KB 78ms
74ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37170
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: _aLUId2a7jFXa2Df6ReSNZZTFtJ67JENctnPHmbde0_N4bIzQTUvpg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame BBA8 2 KB
3 KB 80ms
78ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame BBA8 51 B
336 B 116ms
113ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=602u201chl&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4pqz&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87735af54fe542a92f75c56eb5061d6636fdb413a009299ec36e6f89fd0078c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-t: 0.174
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIlZsumOROakGXO4AiAB%2FOJ4wFbPHbEn4NuLvbLoBGar72cLMjUi%2B6DPlWCnWHp51b9SGfdPOJODEZVnWqv8TNE36LgnBjIYqLVUdbWhAlh0Jjq9GNwOh0jQdZRprfG2KlkmZFmeszcij9g%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163dfbcae27449-MIA
expires: Tue, 06 Feb 2024 20:46:21 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 658B 2 KB
1 KB 97ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3060137822603466&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:22 GMT
Expires: Tue, 13 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 9318 2 KB
1 KB 93ms
70ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.1245813515360652&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:22 GMT
Expires: Tue, 13 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame D9DC 0
0 122ms
100ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=76693
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:22 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: zZEiey6kMbLy7SbC40KXvsemBu6ejeB-H6Hpwm36tklrSic1LHyMyg==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 306A 2 KB
1 KB 89ms
72ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5788980591681712&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:22 GMT
Expires: Tue, 13 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame C796 2 KB
1 KB 200ms
73ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.40713765916097877&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:22 GMT
Expires: Tue, 13 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame B214 3 KB
1 KB 283ms
279ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B214 8 KB
2 KB 294ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B214 6 KB
2 KB 266ms
260ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B214 112 KB
34 KB 266ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame B214 4 KB
2 KB 284ms
279ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 4093 15 KB
3 KB 356ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame BBA8 18 KB
5 KB 408ms
387ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 18E0 22 KB
12 KB 90ms
62ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22805
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dfd28f22886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 18E0 6 KB
3 KB 148ms
121ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-47375613&@b3:1707252382&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbefcdaaf15e62326e609afe9680b60d63f41ea0b18076718004039da7620c83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-t: 0.254
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qdgM4yLmpHx0Bp1nbfIIzQdIP9NejBDQIe7bIqkPVxE1bej0DlzaRn9b72009uSKcDAavNExBi055cRM0NSuQZEz4AFID9ZxKU4hgNq14fMygq0bPLsXKePVL77RJGIjwmndLYJZUH25iGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163dfd2d5a7449-MIA
expires: Tue, 06 Feb 2024 20:46:21 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A1B6 11 KB
5 KB 87ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38044
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163dfd89c12886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.zonafantasi.info/ Frame 1E3C 12 KB
2 KB 288ms
261ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:22 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 70AF 41 B
337 B 89ms
53ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.pangkalanhdgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 6746 436 B
571 B 209ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:69946472&@b3:1707252382&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: a6fa4efdd9f0afa5edc06cf38669f23c221924b6a480f85a9c5aad242017be07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:14 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A1B6 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A1B6 75 KB
76 KB 46ms
43ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 1
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163dfdad164c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 57333
i.liadm.com/s/ 43 B
573 B 66ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=17098

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 312F 85 B
482 B 63ms
62ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.disksusiangka.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647775
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: eLYvNfk1PQYXhczkD2Dox01z3Q1k8avNWzU9oknEeOGsOMQ0B4FmdQ==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame BB2E 43 B
573 B 412ms
348ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=45110

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame EEDB 2 KB
2 KB 77ms
75ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5154457273196837&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:22 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame EEDB 42 B
265 B 77ms
76ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.5154457273196837&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame EEDB 5 KB
2 KB 69ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3262
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 9VMB1WV9tivBqK3j_Z8cXNxdMdGwV8S2c4-H5w4lnjOF-zGMRPoCUw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 0620 5 KB
2 KB 92ms
75ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3262
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: JFznn0CWI9eHBz1xcKaLS9TGp-ZiRkgH6DdwZFYO3U8C6jxBJ6JISA==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame BBA8 2 KB
2 KB 87ms
85ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2059546334758735&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:22 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame BBA8 42 B
265 B 92ms
90ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.2059546334758735&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame BBA8 50 B
463 B 80ms
77ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:32 GMT
via: 1.1 e1fcfcab7d719cee2446e5bb755eb260.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36410
x-amzn-requestid: accd0ce4-37fc-4411-9a43-b67c316c81b4
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbfrENdCYcEOCA=
content-length: 50
x-amz-cf-id: jnIQGfQQP1oKk4EbT0e9JYh8xFFtTiku3vRHZwfMcRiKIImbrctGnA==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame B591 19 KB
9 KB 95ms
80ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame B08C 19 KB
9 KB 82ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H2

200

/ Show response
vip.poltar2d.info/prediksi-japan/ Frame A6AF
Redirect Chain

https://vip.poltar2d.info/prediksi-japan
https://vip.poltar2d.info/prediksi-japan/

103 KB
24 KB

395ms
394ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-japan/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

fc48942091de2e8308efd06482aa8f071e8b9d575a22e231247979b7f45d2eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:23 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/89>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=89>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:22 GMT
location: https://vip.poltar2d.info/prediksi-japan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 73B5 19 KB
9 KB 73ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 3A6A 19 KB
9 KB 73ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame E668 43 B
177 B 70ms
67ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:22 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 312F 766 B
1 KB 66ms
60ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650838
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 48rP4cK03kTBmgzMpCtFncRDfbduZpcA8dqeFYKonxGgg9cnfW3hOg==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 1E3C 15 KB
3 KB 354ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame B214 135 KB
135 KB 260ms
258ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame C5A0 43 B
573 B 63ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=38652

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 81f019efc01a267e92ba94ecc6392d26
secure.gravatar.com/avatar/ Frame B214 6 KB
7 KB 37ms
35ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=50&d=mm&r=g
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 28dc86dba75a5075310cc18d0ba68a75e400d76857723eae8e4de6b898fce188

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Tue, 06 Feb 2024 20:46:22 GMT
last-modified: Thu, 07 Sep 2023 03:56:58 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="81f019efc01a267e92ba94ecc6392d26.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/81f019efc01a267e92ba94ecc6392d26?s=50&d=mm&r=g>; rel="canonical"
content-length: 6584
alt-svc: h3=":443"; ma=86400
expires: Tue, 06 Feb 2024 20:51:22 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 401C 19 KB
9 KB 75ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:22 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 18E0 0
414 B 85ms
78ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-t: 1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXaS6br7xoXIO%2FZ8%2F1gf8IsAg9RfYCPdLLHozu3wxGsHmAHHWEFOWYtzf4nzwMARkdnqTAv4OWrJ2SSFaekIGoj1wT7ztXp1WeN7UUFkDhMAW%2Bkbc40RgCLiDq42IpSs5fEAGcDNdptQNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163e011ec8daa9-MIA
expires: Tue, 06 Feb 2024 20:43:50 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 18E0 33 KB
11 KB 73ms
66ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37170
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: YDXyAlCBXNcA8fKIEfXEU1E13hIt5xmY-ZahWcr7r6JcLAp9euKFhg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 18E0 2 KB
3 KB 70ms
68ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 18E0 0
303 B 117ms
112ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=6qwc6mlfpf&_pv=2&_ls=1&_cc=us&_pl=d&_b=chrome%40121&_cbid=4fc3&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-t: 0.127
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXDGpD7%2B8EhSIYluLPkl9p5JgLWTqGXePA3OuYOf5vECm74uzKx8pqDv%2B80xvlAXiDXg%2Fc7szZ2bCCs9ZClB18wbuxU2fhsrTB%2Fn6TRvJsRcs555RgdMXQAt97PyPVEFw5uwo9vvTj8VuWU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e011cc77449-MIA
expires: Tue, 06 Feb 2024 20:46:21 GMT

GET
DATA 200
OK truncated
/ Frame B214 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET gif.gif
zona-angka.top/wp-content/uploads/2023/06/ Frame B214 0
0

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame A1B6 436 B
571 B 481ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-185955365&@b3:1707252383&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 1aee5e3b9b30ee8fced193e8e3c8e441fb349e5b94b5c0c60836e323f797ef98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4093 11 KB
5 KB 52ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38045
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e024acb2886-MIA
content-length: 4547

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame B214 311 B
338 B 238ms
238ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:23 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B214 11 KB
4 KB 70ms
68ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38045
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e025ad72886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 9733 10 KB
3 KB 274ms
271ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:23 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 788F 112 KB
25 KB 388ms
387ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

da13034c9cc2b23b6faac55d3d789a9803b06b52c50ba8fbdc8a219b8d693f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:23 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame BB2E 0
142 B 352ms
348ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=23462&pu=https://vip.disksusiangka.info/
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EEB3F39D3C4442D193C92F9784957CDB Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKvWi568rvA0Uxm4kA==

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 6746 18 KB
7 KB 65ms
62ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 55385
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e026af42886-MIA
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6746 6 KB
3 KB 237ms
233ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:69946472&@b3:1707252382&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cce2c4ad9938198337a8788cf7366907d1eeefa5596d6364ece5c55fd2f3aea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-t: 0.243
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wArIAcPAXkFyZoybuMnWPl3R6wm%2B3HQ3pCnHk9hqPNcdDUFp3Ud1A85Q9uZM9HNwtj2PDLOqf4%2FEZCUwbZI1d22xt4%2Fr3DvdiA7bmamaPDxNSl73yggMSIsOFumJmP08dLrNrkdLnCClrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e026f2c7449-MIA
expires: Tue, 06 Feb 2024 20:46:22 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame B214 75 KB
76 KB 86ms
84ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 5
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e02ce044c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame BE91 2 KB
1 KB 66ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5154457273196837&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:23 GMT
Expires: Tue, 13 Feb 2024 20:46:23 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 0620 41 B
333 B 61ms
60ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4B90 2 KB
1 KB 65ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2059546334758735&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:23 GMT
Expires: Tue, 13 Feb 2024 20:46:23 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame B591 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252382079&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zona88.top&pn=%2F&qs=na&cc=US&cont=NA&evid=l6_KA2YAlW6VKEOe9THP&urls=&rnd=1707252383400&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=842&bcnLcy=160

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame B08C 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252381960&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=t6_KA2YAQfgk88mQ-Fhq&urls=&rnd=1707252383407&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=820&bcnLcy=160

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 9B57 0
0 73ms
72ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=76406
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:23 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: dXz5VF0HBGyZvXMLBXoagwSl8NvNrOc57EAaEUlBMmBlrrHDhTSJtw==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame C5A0 0
142 B 91ms
89ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=35532&pu=https://vip.disksusiangka.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E2DBA5B47BBB4A90B67C25CAE4670B2A Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKvdhizadUGpksXR9g==

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame A1B6 18 KB
5 KB 336ms
336ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 73B5 0
289 B 67ms
67ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252382094&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zona88.top&pn=%2F&qs=na&cc=US&cont=NA&evid=88_KA2YAyedaee1Gi72P&urls=&rnd=1707252383550&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=903&bcnLcy=160

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3A6A 0
289 B 71ms
71ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252382105&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zona88.top&pn=%2F&qs=na&cc=US&cont=NA&evid=C9_KA2YA6ZqF4V-ieBoK&urls=&rnd=1707252383560&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=888&bcnLcy=160

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 9733 15 KB
3 KB 353ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 0620 4 KB
1 KB 191ms
191ms XHR
application/json 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: gzip
via: 1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: TLUhwba61GVG-z8LOzYVmr8P8x1Ko01GhwMnKskQfBUcVrn8x61czA==

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame EEDB 41 B
336 B 60ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 61

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame B214 18 KB
5 KB 268ms
268ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-singapore/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 401C 0
289 B 67ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252382110&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zona88.top&pn=%2F&qs=na&cc=US&cont=NA&evid=z9_KA2YAEESSKNFfoW-x&urls=&rnd=1707252383606&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=752&bcnLcy=160

Requested by

Host: vip.zona88.top
URL: https://vip.zona88.top/tabel-shio/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H2 200 style7.css
rankcrack.com/css/ Frame 2810 8 KB
2 KB 856ms
848ms Stylesheet
text/css 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/css/style7.css
Requested by: Host: rankcrack.com
URL: https://rankcrack.com/live-draw-japan.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb98997f3dc68ab529fd0217ab9830a6e0650f8de5f70d75eb3246e4ba011a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/live-draw-japan.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Feb 2023 08:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b1ea3-1e46-5f39ed5bf0000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIgAlnKjs0BRrcbrI3%2FU5RmAjo%2F9ug9xrLsQNBcV5eqmiFCOUTCP6%2F9oSDeJ70uSMiPVQnF1%2FoyYfgdPwuLreFD%2Fo%2BJA2LnmSlhNDdGfxFhzxPnuYVEq2RO7SLnPsymlLKgYXMsH8Fijbw1j"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85163e05be394972-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 2810 2 KB
976 B 228ms
85ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-japan.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 18:56:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 2810 86 KB
31 KB 210ms
68ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-japan.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:16:50 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 788F 108 KB
13 KB 352ms
344ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 788F 227 B
284 B 378ms
370ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 788F 2 KB
353 B 378ms
370ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 788F 28 KB
8 KB 379ms
371ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 788F 86 KB
29 KB 393ms
386ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 788F 13 KB
5 KB 456ms
448ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 788F 157 KB
26 KB 42ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317908
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 788F 30 KB
7 KB 61ms
55ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674349
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e05cdc27494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 788F 21 KB
8 KB 43ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498508
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 788F 62 KB
16 KB 45ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268433
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 788F 258 KB
258 KB 286ms
280ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:23 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 788F 4 MB
4 MB 293ms
288ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:23 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 788F 53 KB
53 KB 214ms
213ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 788F 652 KB
652 KB 363ms
362ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 788F 397 KB
397 KB 320ms
319ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 788F 443 KB
443 KB 352ms
328ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 788F 829 KB
829 KB 287ms
264ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 788F 736 KB
736 KB 552ms
527ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 788F 1 MB
1 MB 280ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 788F 2 MB
2 MB 300ms
279ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 788F 2 MB
2 MB 1546ms
1524ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 788F 733 KB
733 KB 348ms
325ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 788F 2 MB
2 MB 296ms
274ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 788F 812 KB
812 KB 365ms
343ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 788F 659 KB
659 KB 226ms
204ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 788F 1 MB
1 MB 304ms
282ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 788F 718 KB
718 KB 343ms
321ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 788F 309 KB
309 KB 386ms
365ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 788F 1 MB
1 MB 307ms
286ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 788F 173 KB
173 KB 227ms
206ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:24 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 788F 1 KB
1 KB 203ms
67ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: d80fbbe2dd4c42772056b7829ea3fc5972fb46a869f1189da29ac414039f6617

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:24 GMT
Connection: close
ETag: 1155648518
Content-Length: 1079
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 788F 65 KB
65 KB 684ms
664ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 788F 8 KB
2 KB 360ms
339ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 788F 6 KB
2 KB 361ms
338ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 788F 112 KB
34 KB 361ms
338ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 788F 4 KB
2 KB 416ms
392ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3

200

/ Show response
vip.badutprediction.info/prediksi-cambodia/ Frame E203
Redirect Chain

https://vip.badutprediction.info/prediksi-cambodia
https://vip.badutprediction.info/prediksi-cambodia/

106 KB
21 KB

513ms
510ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/prediksi-cambodia/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

1c95625fd28e8b01b21134935349f26d4fb17418fa49a567f9e34f9f6c9adaa1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/prediksi-singapore/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:24 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/87>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=87>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:24 GMT
location: https://vip.badutprediction.info/prediksi-cambodia/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 70AF 43 B
177 B 70ms
69ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:23 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2

200

merge
ce.lijit.com/ Frame BB2E
Redirect Chain

https://um.simpli.fi/lj_match?r=93326
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

65ms
62ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:23 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 1E3C 11 KB
4 KB 54ms
54ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38045
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e068a092886-MIA
content-length: 4547

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 18E0 2 KB
2 KB 68ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5849836334145702&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:23 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 18E0 42 B
265 B 71ms
71ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.5849836334145702&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 18E0 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3263
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: OZgYUjWgxCLC_b4TtW4Mz0b1B6HvqQ5oaeqpskMRhdLM9FCoTK6_RA==

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 204ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-75326224&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 205ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:9337695&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 205ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-15319790&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 205ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:77134621&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 208ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-3883886&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 403ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:155357347&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 215ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-170247958&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 213ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-93244281&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 213ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-162053613&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 282ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-16829216&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 410ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-109431061&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 221ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:79330110&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 213ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:41369492&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 211ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:188972796&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 283ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-61995019&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 4093 438 B
573 B 233ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-70216325&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame E668 4 KB
1 KB 152ms
151ms XHR
application/json 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://vip.zona88.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: gzip
via: 1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: NGyOP1FpMT4Dnd7R_uQwhx2z9jxsF6k2DT8zdvr1iocIL5vrXgBx7w==

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame B214 434 B
569 B 444ms
175ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPrediksi%20Singapore%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:185821138&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 7a81497ee50a6e29d6e3d2d4b5ccffedb97b74890cff8f65e2707fd2fa34669a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:15 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame BBA8 5 KB
2 KB 87ms
59ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3263
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: G-lE1zDJz4bxDa0jZI9L1rwaw8iPT81cPYySQ5_uKrBEOhz7zLVpMw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6746 0
438 B 101ms
83ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-t: 1.08
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuwQtLuzsbhbn4KPOUMIYNUU2Ab7FPTddrLU7fyWpZUu99wqCthr%2BN9keoxtCKYApMF0kDDbFk5Qg0aM9KuSnZKR1ot%2FuLJ7rsvm8QjHCVGmqLSY9fIqm5IvthBcFPjhdAJw5OwrHoFXoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163e074969daa9-MIA
expires: Tue, 06 Feb 2024 20:43:51 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6746 33 KB
11 KB 85ms
68ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37171
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: MfNU6bn0tXrEHclcERO6C5PfdwIWzdYGXw7Z6mmMhHiKgAhbWN50Pg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 6746 2 KB
3 KB 82ms
68ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6746 51 B
429 B 128ms
113ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=1ge24yh5km&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5pnv&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivejapan.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3062ed2ae11c1e888bf3e68ab965378e197c80e5cf46a52475ecedb4bc4700d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
x-t: 0.132
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdfC%2F7gorInLq%2FBhNPjlTNZ2xurrFFqIzK%2F7pmU0d9fEuPq7OLJQ1KGOJHAjrhmRz0zNdlNRsjzeQMy1Zh%2F4CzSfhBV6mNelLu%2B0UiXhWfHEh0RFfo0RK32sRZtfZgqX0xHgG5vkLdpNaHE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e074ff87449-MIA
expires: Tue, 06 Feb 2024 20:46:22 GMT

GET
H2 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame A6AF 108 KB
13 KB 2016ms
2011ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 878F 19 KB
9 KB 77ms
76ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 0A2A 19 KB
9 KB 76ms
75ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:23 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame A1B6 13 KB
4 KB 48ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39017
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e078bd12886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A1B6 6 KB
3 KB 128ms
126ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-185955365&@b3:1707252383&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7054781eb5bf5951dcf248422983959e48f79fa624b36cfd70e1f3bafb1588b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-t: 0.252
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaYuVKr9kulVyVUV13KzcNHUP%2BWJ0TaqyMLHmJCiTr3Z1JFM9Zz2DyeJ9H7D9DEWq725Oi%2FBNozEsJCxBq%2BAyeBwYIyIhy1WbdpkTqHJUVL4weTCngGu54psNtlhfwcCUlcaOrQwXQQMqIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e07989e7449-MIA
expires: Tue, 06 Feb 2024 20:46:22 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 0620 310 B
1 KB 107ms
95ms XHR
application/json 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b656cd7081652f3b931be60b2b32c8a9dce19cb3acb7bf946f2396d8d84b14b2

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vip.roomangkasa.top
cache-control: no-cache
x-server: 10.40.55.48
access-control-allow-credentials: true
content-length: 310
expires: 0

POST
H2 200 a
a.dtssrv.com/ Frame 0620 0
303 B 94ms
92ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=10401707252376755089DB59665E5F0C&k=lotpano&v=5584ef88c587532ec6fe65739cfca9fb927a5d76d379a18f60677ec70c82bac9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baSKD4j5vasZtvKsCmkIvEwXhzpuaXoG%2FAyt1btBDPZO20%2B%2FEMSUIHdh%2BqLvKPAGgv4W68fIKcEfsd64GJrjm3xy0XLeKfKua8VclbHiA0Z6XCKXJ8sWclvLU0QQ1DrUHsyLSt%2BM6piIFo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85163e0a38a43370-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 4151 2 KB
1 KB 67ms
62ms Document
text/html 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65439
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 02:35:46 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
x-amz-cf-id: G-b1M5hAY_9RqIswyzQvxMRhkIbj4N-bpfO1_H0Hfn5xbWHguOQprg==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame E668 43 B
573 B 66ms
64ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=11496

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2

200

merge
ce.lijit.com/ Frame C5A0
Redirect Chain

https://um.simpli.fi/lj_match?r=98563
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

61ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:24 GMT

GET
BLOB 200
OK db1c8666-5012-4ee3-94ee-708e97fe4d15
https://vip.poltar2d.info/ Frame A6AF 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.poltar2d.info/db1c8666-5012-4ee3-94ee-708e97fe4d15
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 7CCC 108 KB
14 KB 301ms
300ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 36B7 0
0 72ms
71ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49058
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:24 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: -gRSYch4zTJLZPqbsPmA7Ha4QQ2885eIfA3RQxaadnnqmganT5HmMw==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame BB2E 43 B
573 B 62ms
62ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=78394

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame EDE6 85 B
482 B 62ms
61ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647777
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: af74hvmdwE7bXEvX0z2udLi8C_nqWOsaroAV-GDQmAOVwpuK7DD0yA==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 82F4 2 KB
1 KB 68ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5849836334145702&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:24 GMT
Expires: Tue, 13 Feb 2024 20:46:24 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 206ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:98993198&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 206ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-178092381&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 210ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:199335542&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 211ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:124120724&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 243ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:49315215&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 306ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-198362060&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 206ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-79211005&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 205ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-95743654&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 215ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-30632832&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 212ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-123324598&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 211ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:101896315&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 223ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:133107621&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 227ms
74ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:135185215&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 230ms
77ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-107020124&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 225ms
77ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-110979899&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 1E3C 438 B
573 B 221ms
76ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:64489873&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:16 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 18E0 167 B
449 B 62ms
61ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame E668 245 B
619 B 198ms
197ms XHR
application/json 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0c1988647825356ec9f70894df4e28d64b7a205c50b07f34d50293ec39e0c95c

Request headers

Referer: https://vip.zona88.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://vip.zona88.top
cache-control: no-cache
x-server: 10.40.0.43
access-control-allow-credentials: true
content-length: 245
expires: 0

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IHj-ASZHA5mXSqTcSkShkITv/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=1ef63964d0079f7f2fddeaf925caff58

43 B
870 B

61ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=1ef63964d0079f7f2fddeaf925caff58
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:24 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=1ef63964d0079f7f2fddeaf925caff58
cache-control: no-cache
x-server: 10.40.49.114
content-length: 0
expires: 0

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame A6AF 227 B
273 B 279ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A6AF 2 KB
376 B 283ms
280ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame A6AF 28 KB
8 KB 283ms
281ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame A6AF 86 KB
29 KB 346ms
343ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame A6AF 13 KB
5 KB 331ms
330ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A6AF 157 KB
26 KB 37ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317908
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A6AF 30 KB
7 KB 46ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674350
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e0b0f437494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A6AF 21 KB
8 KB 40ms
39ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498509
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A6AF 62 KB
16 KB 41ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268434
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 0620 43 B
177 B 73ms
72ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:24 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B214 230 B
529 B 41ms
40ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B214 231 B
530 B 41ms
40ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2611.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B214 482 B
781 B 41ms
40ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2611.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2c43a255e95fbdf338309f6c22ac82b0d7fa1a37ee9c97caf5e40d3fed96f8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 482
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B214 554 B
639 B 42ms
40ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 1f449.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B214 563 B
648 B 43ms
42ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f449.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame BBA8 167 B
451 B 60ms
57ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9733 11 KB
5 KB 54ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38046
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e0bfc2b2886-MIA
content-length: 4547

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame 4093 18 KB
7 KB 85ms
83ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 25179
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e0bfc302886-MIA
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4093 6 KB
3 KB 123ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-75326224&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0d1e2b397fa48cbe7ffd04e39601f47ff880bdd71736b05bd132bff4d47dbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
x-t: 0.287
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnM9N%2BHGRZ19jbxhZPc%2BM%2BrBV%2BVFklbeSn03nO6rV5oYrQ5IkDDgKKcvTeYIOg%2FkW1LjARlBVMoK4R93kLWJ5%2FUzxcxpawnAxwYp5AFgA10QZYNO8EQly4pJnak2XBzKrwT5EEfW0Th9ofA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e0bf8dd7449-MIA
expires: Tue, 06 Feb 2024 20:46:23 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 878F 0
289 B 64ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252383365&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=qNALA2YAuinVdcUUS2VD&urls=&rnd=1707252384621&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=724&bcnLcy=200

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 0A2A 0
289 B 72ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252383387&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=xNALA2YA5S5Ps1x2ujN-&urls=&rnd=1707252384626&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=718&bcnLcy=200

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:24 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 7CCC 227 B
273 B 289ms
288ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 7CCC 2 KB
544 B 289ms
287ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 425
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 7CCC 28 KB
8 KB 293ms
290ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 7CCC 86 KB
29 KB 316ms
313ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 7CCC 13 KB
5 KB 389ms
387ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:24 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 7CCC 157 KB
26 KB 36ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317909
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 7CCC 30 KB
7 KB 53ms
51ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674350
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e0d5b1b7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 7CCC 21 KB
8 KB 39ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498510
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 7CCC 62 KB
16 KB 46ms
44ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268434
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 26443f49-64a5-44fe-ab4c-37574bdf8884
https://vip.poltar2d.info/ Frame 7CCC 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://vip.poltar2d.info/26443f49-64a5-44fe-ab4c-37574bdf8884
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame B214 22 KB
12 KB 54ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22808
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e0e99112886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B214 6 KB
3 KB 143ms
135ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPrediksi%20Singapore%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:185821138&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4495cbd0df7f355b7651859e7cd5c3cb8e0b3848b6107148065b439e96336fcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 0.26
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUywOqWX7fQWH2VNejanb%2BoiPXSCRh5wskLoTMK7HvWeFGq6J8YI60kgD5VZEu49aPFjoH5vI63s8d%2Fimm0eSUUQnDsxZt4%2BNR0v2r5K5VLjjBPXmKn%2B3NNb%2F4yM5poZh3pF6C8vcoYRL5E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e0e9e927449-MIA
expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 6746 2 KB
2 KB 71ms
68ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.690530211876351&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:25 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 6746 42 B
265 B 78ms
76ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.690530211876351&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livejapan.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 6746 50 B
464 B 82ms
75ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:51 GMT
via: 1.1 3f8050fbf1460156d177f2d3d6a03332.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36394
x-amzn-requestid: 4ebc276d-b989-41c1-ab44-0dc727b8f354
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbiuH9niYcEF6g=
content-length: 50
x-amz-cf-id: lLpil7xXDXxNQCI0GP2JoqaYRPd-xTKbwjk8w8NgaWR6oSNoPhOKZw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A1B6 0
458 B 88ms
81ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 1.77
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0zUiamli4VzyPwezEsR94%2Fg32NMKbQHREOSHgI4nWkaWdT4lP4EUNCoWdB%2FwwvmNTDQ5NNBHNssHGKiUxC8ug7KzWL5az4N91U8%2FaLNG5KFOquL5P4so1%2FExOxQCDByILOxvx22zfTilw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e0e9da8daa9-MIA
expires: Tue, 06 Feb 2024 20:20:41 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A1B6 33 KB
11 KB 77ms
70ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37173
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: CCiaCe9PMWiesTSU5dPTCzG085JCL-bO2xHu3Xdim6zb7Pttohp_aA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame A1B6 2 KB
3 KB 80ms
77ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A1B6 0
306 B 190ms
184ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=602u201chl&_pv=2&_ls=3&_cc=us&_pl=d&_b=chrome%40121&_cbid=184w&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 0.092
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHFpIPcqnL%2FT4pSTGl3IK1I27qxEFfnoaid8JM8Xiet0HzuZzU%2F2Yx01jHAs0O%2F0yoYTKlSTqacNwTZfcyaIpMDsb54s3S8XsGXaR4fL2rx1GczIq76WJWGdjq3aKZBuYepvhQvdqjfomCQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e0e9e997449-MIA
expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame EDE6 766 B
1 KB 73ms
63ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650841
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: FIy2En-UiihpyzWjezMNkREQd79fa0p8ujHbFFAuAtgwH3kuWMDH6Q==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 788F 11 KB
5 KB 55ms
53ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38047
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e0eb9622886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame E189 12 KB
3 KB 289ms
285ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:25 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame 788F 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 788F 75 KB
76 KB 59ms
56ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 4
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e0ee9044c02-MIA
cdn-requestpullsuccess: True

POST
H3 200 a
a.dtssrv.com/ Frame E668 0
455 B 94ms
91ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=10401707252376755089DB59665E5F0C&k=lotpano&v=5584ef88c587532ec6fe65739cfca9fb927a5d76d379a18f60677ec70c82bac9
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zona88.top%2Ftabel-shio%2F&j=https%3A%2F%2Fvip.disksusiangka.info%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzLfCqoiOHgZp0jN7vWyT0%2F0bDFQL2msFh%2Fn9qcBGIUZrAsIcSYouv3xtO0c25HOw7EBd4h%2Bi4KaSiVQixagElNWcpKv2bqJYn%2Bk0y9Y%2F%2Bj4Px9QcAfzHHh8tau29FPNH%2BJF4XpqFv%2Fpfxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85163e0f7bf0db01-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 279C 2 KB
1 KB 68ms
66ms Document
text/html 13.224.214.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-92.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65440
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Tue, 06 Feb 2024 02:35:46 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 18235244f92adbfef142c197cb3eac0c.cloudfront.net (CloudFront)
x-amz-cf-id: mYFnQTKcNqW4LNUU9eghl0hTYgcD1C-x5p1O0n6HYxvt7CYmoHPfYg==
x-amz-cf-pop: PHL50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame E203 108 KB
13 KB 268ms
264ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame E203 227 B
271 B 269ms
264ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame E203 2 KB
374 B 270ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame E203 28 KB
8 KB 271ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame E203 86 KB
29 KB 275ms
270ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame E203 13 KB
5 KB 287ms
282ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame E203 157 KB
26 KB 42ms
38ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317909
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E203 30 KB
7 KB 50ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674351
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e0fbe957494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame E203 21 KB
8 KB 44ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498510
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame E203 62 KB
16 KB 45ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268435
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame E203 3 MB
3 MB 262ms
260ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame E203 311 B
338 B 369ms
367ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame E203 43 B
182 B 214ms
71ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame E203 3 KB
1 KB 276ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame E203 8 KB
2 KB 265ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame E203 6 KB
2 KB 264ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame E203 112 KB
34 KB 264ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame E203 4 KB
2 KB 275ms
274ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame EEDB 43 B
177 B 71ms
68ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:25 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E668 0
143 B 89ms
86ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=12310&pu=https://vip.disksusiangka.info/
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6E44AE53E36A49BF9B3F6EC60DAFD4F5 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKv4iAGGe8fKnyxvLg==

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame C5A0 43 B
573 B 63ms
62ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=89257

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 9C7B 85 B
482 B 62ms
61ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647778
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: JeNebsre2FUzOtKzzHszRy4L5iNLceNGu5B9VIVMgzWGBlKsVTY-WQ==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 70AF 43 B
573 B 62ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=12363

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3

200

/ Show response
vip.poltar2d.info/prediksi-taiwan/ Frame A843
Redirect Chain

https://vip.poltar2d.info/prediksi-taiwan
https://vip.poltar2d.info/prediksi-taiwan/

103 KB
24 KB

332ms
332ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-taiwan/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

f32d186fa93956e4f34f294de3a0ba24afec2d3e1b856b237f93cfa4b0512f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:25 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/91>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=91>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:25 GMT
location: https://vip.poltar2d.info/prediksi-taiwan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A97F 0
0 73ms
71ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=25006
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:25 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: LzPEtRdH8HzWoslye24GIW42aEhfv0N9lD2rMtyu361lHBVKABfyfQ==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame A6AF 258 KB
258 KB 473ms
464ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame A6AF 4 MB
4 MB 261ms
253ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame A6AF 53 KB
53 KB 373ms
372ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame A6AF 652 KB
652 KB 327ms
325ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame A6AF 397 KB
397 KB 266ms
262ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame A6AF 443 KB
443 KB 550ms
529ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame A6AF 829 KB
829 KB 628ms
607ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame A6AF 736 KB
736 KB 526ms
505ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame A6AF 1 MB
1 MB 527ms
506ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame A6AF 2 MB
2 MB 602ms
582ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame A6AF 2 MB
2 MB 1870ms
1850ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:28 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame A6AF 733 KB
733 KB 529ms
509ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame A6AF 2 MB
2 MB 526ms
506ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame A6AF 812 KB
812 KB 660ms
640ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame A6AF 659 KB
659 KB 526ms
506ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame A6AF 1 MB
1 MB 745ms
726ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame A6AF 718 KB
718 KB 521ms
502ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame A6AF 309 KB
309 KB 558ms
540ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame A6AF 1 MB
1 MB 608ms
590ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame A6AF 173 KB
173 KB 527ms
509ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame A6AF 65 KB
65 KB 520ms
503ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame A6AF 3 KB
1 KB 665ms
649ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A6AF 8 KB
2 KB 299ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A6AF 6 KB
2 KB 318ms
296ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A6AF 112 KB
34 KB 319ms
297ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A6AF 4 KB
2 KB 387ms
366ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 7CCC 258 KB
258 KB 659ms
656ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 7CCC 4 MB
4 MB 412ms
409ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 7CCC 53 KB
53 KB 402ms
396ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:25 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 7CCC 652 KB
652 KB 442ms
407ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 7CCC 397 KB
397 KB 583ms
548ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 7CCC 443 KB
443 KB 580ms
543ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 7CCC 829 KB
829 KB 581ms
544ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 7CCC 736 KB
736 KB 544ms
508ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 7CCC 1 MB
1 MB 787ms
750ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 7CCC 2 MB
2 MB 599ms
563ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 7CCC 2 MB
2 MB 2040ms
2005ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 7CCC 733 KB
733 KB 551ms
516ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 7CCC 2 MB
2 MB 841ms
817ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 7CCC 812 KB
812 KB 535ms
512ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 7CCC 659 KB
659 KB 529ms
508ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 7CCC 1 MB
1 MB 559ms
537ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 7CCC 718 KB
718 KB 804ms
782ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 7CCC 309 KB
309 KB 584ms
563ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 7CCC 1 MB
1 MB 551ms
530ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 7CCC 173 KB
173 KB 901ms
882ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 7E52 19 KB
9 KB 76ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame 1E3C 18 KB
7 KB 164ms
161ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 25180
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e113ec62886-MIA
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 1E3C 6 KB
3 KB 119ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:98993198&@b3:1707252384&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf56d3bf39e9edb72fa20d4367a8c1ee7d9da15a70a3a0cba465e2e12058d5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 0.276
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmGAR7CsjnociSs7J9pyQVgDhqGEy6E1YKlJZXbQH8USeSPsQ4%2FyJUIf5xvLHdDTsiII%2B9S4z4YOIbsN%2BqdjhuPTRKyAg1QvqxdibNmQVVMmdYJfVOWxseuDgh6EimY3NrkcdgEOr%2F%2Brb3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl1
cf-ray: 85163e113c5a7449-MIA
expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame E189 15 KB
3 KB 353ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 9C7B 766 B
1 KB 64ms
62ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650841
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: yH6a1Hrnla50vECwfqzUvkgUWcrOoraTthQ4akLgAKoEiQH_05BdIQ==

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 9733 434 B
569 B 227ms
75ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-97303431&@b3:1707252385&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 346eddca5c9a88267082afb80096b1d66a203b40fb99f0c8fbaf58f8dcccec99

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4093 0
547 B 89ms
87ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 1.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl302s6TQLuFFn07H12iP0N0L4y9D2WoaLVpu39a0fUS18k2c1PSAnq9FdgW4ceBv6aa4O933rEAH3va2WUw%2BtEzLk8%2FUt%2FNceC8WMpUyiYmz6yhN3p1qFQFvi2Mss632A5XoO5I%2F3aQHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 85163e11db13daa9-MIA
expires: Tue, 06 Feb 2024 20:49:47 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4093 33 KB
11 KB 75ms
73ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37173
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: -BFs78KWF4q9pFpy9Vqyj0PAgRlqFFVsgAPsbMNWM1FcefH_LMNe5A==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 4093 2 KB
3 KB 76ms
75ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4093 51 B
430 B 125ms
124ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=2nr423akbd&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=284x&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d69360449083669eebe0d795811894078d279c640f7e3c699abc094a0c2af5b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 0.192
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiiFCs5DqqV8o%2FJOD%2F8oKzrx4XpvTl6fdTXQh4O4xk%2Fb0VU3blUjDFrY9kbeRujW%2BaoI53MBTP%2FI047yOKUt%2FXRvDhS1GGk5oBxkIhofaBGoQUxrioeAVxlKZYw40gKQ3IlfemfIifgjCR8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e11dd7b7449-MIA
expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H3 200 jpn.php Show response
rankcrack.com/ Frame 2810 567 B
653 B 770ms
769ms XHR
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/jpn.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c773409949646d722814bdefe8ff648f7ab5952b62bc63b05203f9b0f47cb31

Request headers

Accept: text/html, */*; q=0.01
Referer: https://rankcrack.com/live-draw-japan.php
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkH57pllSFx9vSPcvwSugrmm%2FkaECfQjhWicufaJ%2Bhe4OdwvDEmfpMx%2BIYDuQ4iXS7ELi02sJXhK%2FHdazqcmZ9ZhXqtOSGPqMlvaeaEgRslrVTfx5jV%2FN0qJZvwiLKFpwPck1SnbwyffxQfl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85163e122bd49af1-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 341A 2 KB
1 KB 66ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.690530211876351&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:25 GMT
Expires: Tue, 13 Feb 2024 20:46:25 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame 788F 436 B
571 B 229ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-8895044&@b3:1707252386&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 0c13dc2dbdced3c6ff3dea6e3eb129d4497118945497a02594347e18c5f3129e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:17 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 788F 18 KB
5 KB 339ms
337ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:25 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 599 B
983 B 77ms
74ms Script
application/javascript 3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: 65cf2407ec00c747801843dbcc738b1db2a181af6e9fbd726cefa0cf0c93b393

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Tue, 06 Feb 2024 20:46:25 GMT
Content-Length: 599
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B214 0
437 B 203ms
198ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 1.13
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26cZkvNB5bL91Pm9%2Bc7eR67Uotwu%2BdywZJQqD5K1Ik6n4F9dXp4%2FWTU%2BOcuqY5q9FnYPWxK%2Bocfbz8gw7G91Z6MBswcK4q3BJN3JAxRHFFHAfSiLrIbhKG6TKLBOoNk8CWI9ts8UVbb%2B4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85163e12ac83daa9-MIA
expires: Tue, 06 Feb 2024 19:52:17 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B214 33 KB
11 KB 417ms
412ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37173
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: VWoyfJhdzatjIrikMQgE8Bijp4n3iRpxuIut9ORc77cpS-DiyIk5hw==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame B214 2 KB
3 KB 357ms
356ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B214 0
283 B 116ms
111ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=3ea10jbm6h&_pv=3&_ls=7&_cc=us&_pl=d&_b=chrome%40121&_cbid=5jj6&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:25 GMT
x-t: 0.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61Jol%2FRvR0KFiFxr62qDCAvUuBthhXkwq7ObIRVBtCyXerWk01VN7I1qdSn6B9wRt0VCXyrRO9%2BvFsb4O6pUF48xwASpfJ2etycOPJ7WI7FTyfKugl6U7h3Dwfv%2Fy0xiphVJisRuISD8bSM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e12af0d7449-MIA
expires: Tue, 06 Feb 2024 20:46:24 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame A1B6 2 KB
2 KB 270ms
268ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4000715189226245&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:25 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame A1B6 42 B
265 B 72ms
71ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.4000715189226245&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A1B6 5 KB
2 KB 69ms
67ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3265
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ECkDtcpnFXahMgRbJwPfsq7V7e_HsGq6zhabRmV5oGw-NG3MAFkh4w==

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 5CCC 2 KB
2 KB 550ms
549ms Document
text/html 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9d02c18f78ec502bc86949e916f78338a176bfdf8fbfda6f10ef1c4cb868d7d0

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 2016
content-type: text/html
date: Tue, 06 Feb 2024 20:46:25 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.48.192

GET
DATA 200
OK truncated
/ Frame B214 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6746 5 KB
2 KB 69ms
67ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3265
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: lMTuiD_eE6v3bj-IIOUryOMZrInF6OnBIe7Gr73ZBN-wJIP--GJiXw==

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame E203 135 KB
135 KB 266ms
263ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 7E52 0
289 B 68ms
67ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252384419&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=giALA2YApgwm4i-FdsYi&urls=&rnd=1707252385965&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=487&bcnLcy=560

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:26 GMT

GET
DATA 200
OK truncated
/ Frame 7CCC 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 1E3C 0
446 B 94ms
80ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-t: 1.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Cb2whJ1t3OKc%2BGq6LOZwBotEW8pvgyTI0T%2Bp9kAJAeXxxWu2T7Phm0kN5O2VQx81Q%2FHJn0SD3qfbfRJW0BRn%2BAX9QPRhrjETF3AJJcwyLGGpah%2FPsuL%2FK6iHRhl%2BUeRn%2BR0DnyrZvmFuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e150800daa9-MIA
expires: Tue, 06 Feb 2024 20:20:42 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1E3C 33 KB
11 KB 78ms
65ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37174
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: kTxDJh16MUrRo8keWiO9iFKjYw--f5Z47NDT-ruKG346T_CvV0c5_w==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 1E3C 2 KB
3 KB 76ms
70ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 1E3C 51 B
382 B 127ms
115ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=2nr423akbd&_pv=2&_ls=1&_cc=us&_pl=d&_cbid=60re&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0382ec3b7518594cecc67a22ebb186e8cd29f28552bef80409d1ccd14c165ba3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-t: 0.165
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vynp9CIqhKddcQ1iTvO9N%2FvLkTiekAL8O8Qm%2BldiR6FEMoB9VdQTsRby0cLcb7RsEwky%2FXs6ixCqvObg7pGIlOMRP1W3WMg%2BLza83RsquwWbQl5V3d6ObouHcBZs8j6qOQl6SV2HytVg4E%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e150bfc7449-MIA
expires: Tue, 06 Feb 2024 20:46:25 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E203 11 KB
5 KB 160ms
159ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38048
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e15b89d2886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame 5C0B 10 KB
2 KB 275ms
274ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 6D61 112 KB
25 KB 380ms
378ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

31cbb95ea7d7b1c4e810cbbbf485ec0a84305e1218f350a6734e618a71a6a1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:26 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6CBF 0
0 71ms
70ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93415
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:26 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: Fysv9bGT6rI6n5SRNQs6x89kLO_9fkbM8GTa-NyldprfkcN_Qgzd3A==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame E668
Redirect Chain

https://um.simpli.fi/lj_match?r=32471
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

278ms
277ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:26 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 70AF 0
143 B 94ms
90ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=32080&pu=https://vip.zona88.top/
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0DB8CCD067B9488DB7BC5FFA0A0581EB Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKwF8D22TZZeI5S9Dg==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 0620 43 B
573 B 66ms
65ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=35444

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame E203 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame E203 75 KB
76 KB 48ms
47ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 8
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e168d794c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame F6B6 208 B
400 B 68ms
67ms Document
text/html 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a205d27d1c6871cf44e28d10d78c3f41bf88edd6b16a651a4ce54e1997906459

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 208
content-type: text/html
date: Tue, 06 Feb 2024 20:46:26 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.2.9

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 18E0 43 B
177 B 90ms
88ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame BBA8 43 B
177 B 81ms
80ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 73ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7318635789907897&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 79ms
75ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.7318635789907897&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 71ms
68ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.47357434699753287&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 82ms
78ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.47357434699753287&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 74ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.14654110739607962&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 82ms
77ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.14654110739607962&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 71ms
67ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.13251370067127133&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 79ms
75ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.13251370067127133&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 73ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.11491562100993646&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 78ms
75ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.11491562100993646&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 72ms
68ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5714294532342294&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 75ms
71ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.5714294532342294&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 72ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8948956030463366&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 72ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.8948956030463366&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 270ms
268ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.38652421053422037&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 71ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.38652421053422037&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 281ms
278ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6774624784207877&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 71ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.6774624784207877&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 150ms
70ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.18383501496787136&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 72ms
70ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.18383501496787136&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 71ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2528415633634691&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 74ms
72ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.2528415633634691&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 187ms
145ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.26291622826053507&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 74ms
72ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.26291622826053507&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 174ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.08578313421753658&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 74ms
73ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.08578313421753658&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 71ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6807537046232486&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 72ms
71ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.6807537046232486&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 96ms
70ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.981706411056597&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 73ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.981706411056597&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 4093 2 KB
2 KB 280ms
279ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8322626948861593&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 4093 42 B
265 B 71ms
67ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.8322626948861593&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
463 B 84ms
82ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: nC1xfSXqeFSvkHvpMVGi_dxrs5ljeAvRyJY-xb4t1yivsJwSB-dQDg==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
464 B 87ms
85ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: aCwZinbWfoy7UuGMqNn5ZLNVjYRx87t-X3LG0WjMeOlYOCV_t-Zu-g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
462 B 80ms
79ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: rOwmzzuHlcJc0EaRZ4Si189Sj33t7DeerU35bfhL1swExlqS6TRmYQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
463 B 78ms
77ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: LJ4G360agLzC-_2Xrc9vQt7lQLyi3JWysuE1kD-HNn1tCybqXujOhg==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
462 B 80ms
78ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: CqD_jHS5meI1ygZifuiGHMUe6aioC4RERUET5Exot2Imu8y-kbaYPA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
464 B 79ms
79ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 1rl8zQeWUDzQ8KDRBpWUx8ODEspY9aFEz4nw5Bu1Fd93QJ-kVlW5LA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
464 B 79ms
78ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 4IqH1FbLb6HqPNcT1DPsqDfqxNNFZMPfyJzgHBmFocFtxw0-2mwSnw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
464 B 77ms
77ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: ubVrquoy3bBQmQvCCuLHpUEY4vHAhZLzRL4IoXxbhw12O_T6TIyLOQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
463 B 77ms
77ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: GMkPKt4EDUnI4zBwqIrrqAR7P_f3cT0Aro7wgHuf0xzwQCpVJnSXiA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
462 B 78ms
77ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: Txgneu-YIqO7oS_Q__FP8GY91p8pofUWVmc98toJgFBei81V7fTT0w==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
453 B 106ms
106ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: x2fbjVAl-3WPaOisT1DEflWEWRf9ge3UMY4BAIvd1hL1X6c690WEyA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
453 B 105ms
105ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 9WReKPqnBLbWXc8UB5jnnxDzIO6T_JS1cB6-06mipQhmn9GX1msc1g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
453 B 104ms
104ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: zQw7mz_eukgnlYJ_OJqEz41ow-ctc4psq_FThc2NRARb4YJ5xGWi7g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
455 B 102ms
98ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: fhZp0J6F7_KjoDajQOORrOW1xwaZhcnDFVXeTpDKKMQOdFiw-B8WzQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
454 B 102ms
99ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: QxqcgoB1ZcnmeBGFZkdzmLS3A8dtsW2XkGb7uVYcktULzoZPzHdxjA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 4093 50 B
455 B 100ms
99ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: aT_GF36MiPaIhMLL2cSqJO5PLX_EKXxfOm2gifL3lNjDxAYNJsJDnw==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame A843 108 KB
13 KB 283ms
279ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame A843 227 B
273 B 285ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A843 2 KB
376 B 286ms
281ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame A843 28 KB
8 KB 289ms
285ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame A843 86 KB
29 KB 302ms
298ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame A843 13 KB
5 KB 367ms
363ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame A843 157 KB
26 KB 37ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317910
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A843 30 KB
7 KB 50ms
48ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674352
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e175b997494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame A843 21 KB
8 KB 38ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498511
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame A843 62 KB
16 KB 49ms
45ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268436
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame A843 258 KB
258 KB 259ms
256ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame A843 4 MB
4 MB 238ms
234ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:26 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame A843 53 KB
53 KB 269ms
266ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame A843 652 KB
652 KB 282ms
281ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame A843 397 KB
397 KB 236ms
235ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame A843 443 KB
443 KB 417ms
401ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame A843 829 KB
829 KB 246ms
230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame A843 736 KB
736 KB 375ms
359ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame A843 1 MB
1 MB 273ms
257ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame A843 2 MB
2 MB 288ms
273ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame A843 2 MB
2 MB 1841ms
1827ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:31 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame A843 733 KB
733 KB 284ms
270ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame A843 2 MB
2 MB 694ms
681ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame A843 812 KB
812 KB 287ms
274ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame A843 659 KB
659 KB 292ms
280ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame A843 1 MB
1 MB 617ms
605ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame A843 718 KB
718 KB 412ms
401ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame A843 309 KB
309 KB 231ms
220ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame A843 1 MB
1 MB 366ms
355ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame A843 173 KB
173 KB 347ms
337ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame A843 65 KB
65 KB 1078ms
1069ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame A843 3 KB
1 KB 314ms
305ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A843 8 KB
2 KB 631ms
630ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A843 6 KB
2 KB 456ms
456ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:28 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:28 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame A843 112 KB
34 KB 288ms
283ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame A843 4 KB
2 KB 326ms
309ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 69A7 19 KB
9 KB 207ms
198ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 9733 22 KB
12 KB 422ms
420ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22809
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e17cc1f2886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 9733 6 KB
3 KB 124ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-97303431&@b3:1707252385&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893f562d4987fa6c08edfa545ba1bac38e5c420c97df526522c8fb81f5e4cbd6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-t: 0.263
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JksItpLrr9aygH7fyQ%2Bxexz45Y1zcLh%2BXjHk3TD2lvVg2PkQVUls0fM8yy%2BlRx7qAz21%2FECw8PIwg9mdI1axDrLUZlczOETxWf5S4UQFS%2Fh6Y6Vo6VZkSg6r6I7eRDFQk%2Fh00DpAFv5g2lE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl1
cf-ray: 85163e17c9c07449-MIA
expires: Tue, 06 Feb 2024 20:46:25 GMT

GET
H2

200

sync
thrtle.com/
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://match.prod.bidr.io/cookie-sync/throtle?
https://thrtle.com/sync?vxii_pdid=AAAdYU7LhTUAABKHLbqwlg&vxii_pid=5037&_t=1707252386.6059995

43 B
539 B

76ms
65ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pdid=AAAdYU7LhTUAABKHLbqwlg&vxii_pid=5037&_t=1707252386.6059995
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:26 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pdid=AAAdYU7LhTUAABKHLbqwlg&vxii_pid=5037&_t=1707252386.6059995
Date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200

c.gif
tag.crsspxl.com/ Frame 5CCC
Redirect Chain

https://tag.crsspxl.com/c.gif?t=57603&gdpr=0
https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0

43 B
142 B

71ms
68ms

Image
image/gif

34.232.140.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-140-51.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://tag.crsspxl.com/c.gif?cc=1&t=57603&gdpr=0
Date: Tue, 06 Feb 2024 20:46:27 GMT
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET lotame
ad.mrtnsvr.com/sync/ Frame 5CCC 0
0

GET
H2

200

engine
pbid.pro-market.net/ Frame 5CCC
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=1ef63964d0079f7f2fddeaf925caff58
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=1ef63964d0079f7f2fddeaf925caff58&sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=OTAyNzE1NzAwNDUzOTI4MTQ1MQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEAPlTxRy4BHzGPdON5AGkgg&google_cver=1

43 B
399 B

401ms
395ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEAPlTxRy4BHzGPdON5AGkgg&google_cver=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEAPlTxRy4BHzGPdON5AGkgg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

MAP.d
map.sddan.com/ Frame 5CCC
Redirect Chain

https://map.cookieless-data.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=
https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=&bounce=1

42 B
862 B

145ms
144ms

Image
image/gif

51.15.145.116
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=&bounce=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

HTTP/1.1

Server

51.15.145.116 , France, ASN12876 (Online SAS, FR),

Reverse DNS

online-prod.ipsfailover.com

Software

nginx/1.20.2 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains; preload
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:28 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 42
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:28 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Server: nginx/1.20.2
P3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Location: https://map.sddan.com/MAP.d?mn=lotame&pa=22621&mv=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&gdpr_consent=&bounce=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 0
X-Xss-Protection: 0
Expires: Tue, 01 Jan 2000 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 5CCC
Redirect Chain

https://spl.zeotap.com/?zdid=637&env=mWeb&eventType=pageview&gdpr=0
https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=13db9786-9c0e-434e-7e27-8a377d59496c?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_...
https://mwzeom.zeotap.com/mw?pid=1ef63964d0079f7f2fddeaf925caff58&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=bea69cc1-...

95 B
177 B

156ms
154ms

Image
image/png

2606:4700:10::ac43:28ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?pid=1ef63964d0079f7f2fddeaf925caff58&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=bea69cc1-f3df-44e4-48ac-d307d93e9c05&zdid=637

Requested by

Protocol

Server

2606:4700:10::ac43:28ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://bcp.crwdcntrl.net
access-control-allow-credentials: true
cf-ray: 85163e1a5a9609b2-MIA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://mwzeom.zeotap.com/mw?pid=1ef63964d0079f7f2fddeaf925caff58&zpartnerid=637&env=mWeb&env=mWeb&eventType=pageview&gdpr=0&id_mid_26=&id_mid_4=13db9786-9c0e-434e-7e27-8a377d59496c&reqId=bea69cc1-f3df-44e4-48ac-d307d93e9c05&zdid=637
cache-control: no-cache
x-server: 10.40.51.192
content-length: 0
expires: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 5CCC
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=0aed2b532462e974f32d0f00a27b11ae&gdpr=0

49 B
265 B

80ms
74ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=0aed2b532462e974f32d0f00a27b11ae&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.51.146
content-length: 49
expires: 0

Redirect headers

date: Tue, 06 Feb 2024 20:46:27 GMT
via: 1.1 b3879c23ec3b402566708cfe9d0ddc18.cloudfront.net (CloudFront)
x-clacks-overhead: GNU Terry Pratchett
x-adswizz-request-id: 86b309e4-5934-485a-9f73-2b370d081f31
x-amz-cf-pop: MIA3-C3
x-cache: Miss from cloudfront
location: https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=0aed2b532462e974f32d0f00a27b11ae&gdpr=0
x-amz-cf-id: eRipBJz7316oi_PV9LCozz426ELcvSwTv4jGZcOfIo3vSpqTISIfXw==

GET partner
sync.search.spotxchange.com/ Frame 5CCC 0
0

GET
H2

200

tpid=264ff30c-29ce-4cb5-90cb-d84731a1c787
bcp.crwdcntrl.net/map/c=10737/tp=AMBO/ Frame 5CCC
Redirect Chain

https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79
https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=264ff30c-29ce-4cb5-90cb-d84731a1c787

49 B
264 B

79ms
78ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=264ff30c-29ce-4cb5-90cb-d84731a1c787
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.8.156
content-length: 49
expires: 0

Redirect headers

location: //bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=264ff30c-29ce-4cb5-90cb-d84731a1c787
date: Tue, 06 Feb 2024 20:46:27 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=26f95d0f-896a-49d9-9b78-9cfac059382b/ Frame 5CCC
Redirect Chain

https://jadserve.postrelease.com/dmp/5?vk=1ef63964d0079f7f2fddeaf925caff58/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=26f95d0f-896a-49d9-9b78-9cfac059382b/gdpr=0

49 B
265 B

74ms
73ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=26f95d0f-896a-49d9-9b78-9cfac059382b/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.54.246
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
server: nginx
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=26f95d0f-896a-49d9-9b78-9cfac059382b/gdpr=0
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

0.gif
x01.aidata.io/ Frame 5CCC
Redirect Chain

https://x01.aidata.io/0.gif?pid=LOTAME&id=1ef63964d0079f7f2fddeaf925caff58&gdpr=0
https://x01.aidata.io/0.gif?pid=LOTAME&id=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&bounce=1

0
433 B

199ms
198ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LOTAME&id=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&bounce=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
last-modified: Tue, 06 Feb 2024 20:46:26 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Tue, 06 Feb 2024 20:46:26 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
last-modified: Tue, 06 Feb 2024 20:46:26 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=LOTAME&id=1ef63964d0079f7f2fddeaf925caff58&gdpr=0&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Tue, 06 Feb 2024 20:46:26 GMT

GET 66.png
geo-um.btrll.com/v1/map_pixel/partner/ Frame 5CCC 0
0

GET
H2

200

rand=741898726
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/ Frame 5CCC
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=741898726
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=741898726

49 B
265 B

69ms
66ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=741898726
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.53.193
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
an-x-request-uuid: 40b60d83-a532-4896-904d-ac43252f7b73
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=741898726
x-proxy-origin: 38.132.118.71; 38.132.118.71; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

tpid=C9471E5D3D4D6B8A
bcp.crwdcntrl.net/map/c=12526/tp=SEMA/ Frame 5CCC
Redirect Chain

https://bcp.crwdcntrl.net/map/c=12526?https%3A%2F%2Fuipus.semasio.net%2Flotame%2F1%2Fget%3FsType%3Dsync%26sExtCookieId%3D%24%7Bprofile_id%7D%26sInitiator%3Dexternal%26_url%3Dhttps%3A%2F%2Fbcp.crwdc...
https://uipus.semasio.net/lotame/1/get?sType=sync&sExtCookieId=1ef63964d0079f7f2fddeaf925caff58&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()}
https://uipus.semasio.net/lotame/1/get2?sType=sync&sExtCookieId=1ef63964d0079f7f2fddeaf925caff58&sInitiator=external&_url=https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=${UIPID()}
https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=C9471E5D3D4D6B8A

49 B
265 B

68ms
67ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=C9471E5D3D4D6B8A
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=156%2C146%2C142%2C140%2C139%2C132%2C113%2C101%2C86%2C76%2C40%2C2&b=1783756%2C1162271&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.50.238
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:28 GMT
Frontend-ID: 12
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://bcp.crwdcntrl.net/map/c=12526/tp=SEMA/tpid=C9471E5D3D4D6B8A
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2 200 /
dmp.adform.net/dmp/profile/ Frame 5CCC 35 B
231 B 78ms
70ms Image
image/gif 185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/dmp/profile/?pid=10131&sg=44470

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: image/gif

GET
H3

200

/ Show response
vip.badutprediction.info/prediksi-taiwan/ Frame 4C03
Redirect Chain

https://vip.badutprediction.info/prediksi-taiwan
https://vip.badutprediction.info/prediksi-taiwan/

106 KB
21 KB

521ms
521ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/prediksi-taiwan/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

4e0563e7d6eadc52694ff377671f895c5140eadbcc1eaff3ff216efc554c07bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/prediksi-cambodia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:28 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/91>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=91>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:27 GMT
location: https://vip.badutprediction.info/prediksi-taiwan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=ZcKanwAACtYtYwBB&bid=0rijhbu&referrer_pid=51md42u

70 B
440 B

145ms
75ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZcKanwAACtYtYwBB&bid=0rijhbu&referrer_pid=51md42u
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-mia-kmia1760050-MIA
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1707252387.608999,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZcKanwAACtYtYwBB&bid=0rijhbu&referrer_pid=51md42u
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=6740019904450003240&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

80ms
75ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=6740019904450003240&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
an-x-request-uuid: 7d9bc3f8-f028-490c-af18-558c1a9d3f34
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=6740019904450003240&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 38.132.118.71; 38.132.118.71; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

19505
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/39798?limit=1&id=2PpRG53Wr0FTWSbaiPvFVgFrKEcNp0m_ZPiXc5xMIlKI
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI
https://tags.bluekai.com/site/19505?id=y-c7PPntZE2pKnzg.GB9VUmDsvIOSzV4KF7cA-~A

62 B
305 B

143ms
141ms

Image
image/gif

23.37.113.114
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/19505?id=y-c7PPntZE2pKnzg.GB9VUmDsvIOSzV4KF7cA-~A
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 23.37.113.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-113-114.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 06 Feb 2024 20:46:27 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/19505?id=y-c7PPntZE2pKnzg.GB9VUmDsvIOSzV4KF7cA-~A
date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 qmap
sync.crwdcntrl.net/ 49 B
264 B 72ms
68ms Image
image/gif 50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.57.23
content-length: 49
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=978758895935713150&bid=omt9pi0

70 B
440 B

69ms
63ms

Image
image/gif

3.230.62.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=978758895935713150&bid=omt9pi0
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: HTTP/1.1
Server: 3.230.62.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-62-22.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif
Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=978758895935713150&bid=omt9pi0
Date: Tue, 06 Feb 2024 20:46:26 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 6746 167 B
451 B 62ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://w1.bungaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame A1B6 167 B
451 B 63ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E189 11 KB
4 KB 355ms
352ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38048
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e186d592886-MIA
content-length: 4547

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 788F 13 KB
4 KB 355ms
353ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39020
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e186d632886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 788F 6 KB
3 KB 120ms
119ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-8895044&@b3:1707252386&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd31499c688f228d120f95ad8ea056937c3a340ab0c83300a7915f6bd3d3b8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-t: 0.238
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCvv3tpdIz8vNHJPJhAVC1NB09fVB8Pk5aK7DfSZaST2K7d059LF2JilpYS9Ly%2BDaa5YgxSotzDKlUsOJIuAUAka%2BXK3y9%2FQ6bKvsa7YDv3GpgGVb5cdJ0eHWzx%2BK2bueCgOcspnUAJDauE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e186add7449-MIA
expires: Tue, 06 Feb 2024 20:46:25 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 7CCC 95 KB
32 KB 378ms
366ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 7CCC 2 KB
780 B 660ms
649ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 7CCC 13 KB
3 KB 661ms
651ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 7CCC 65 KB
65 KB 702ms
691ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 7CCC 3 KB
1 KB 688ms
677ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 7CCC 8 KB
3 KB 688ms
677ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2473
expires: Tue, 13 Feb 2024 20:38:53 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 7CCC 6 KB
2 KB 688ms
678ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 7CCC 112 KB
35 KB 695ms
685ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35895
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 7CCC 4 KB
2 KB 649ms
639ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1641
expires: Tue, 13 Feb 2024 20:40:01 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 6A78 2 KB
1 KB 74ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4000715189226245&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame B214 2 KB
2 KB 583ms
552ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.31589859186506786&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame B214 42 B
265 B 71ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2Flive-japan%2F&event_source=dtscout&rnd=0.31589859186506786&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame B214 5 KB
2 KB 64ms
60ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3266
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: grGKuv-aEfIAm8ih4N-EBO3cegc2-2UaWIlvrRaMtm16McsMvnZ1OQ==

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame E203 18 KB
5 KB 272ms
271ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:26 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A6AF 11 KB
4 KB 253ms
253ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38048
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e190e512886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.velbettgroup.com/ Frame 89D5 10 KB
3 KB 1064ms
269ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:28 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame A6AF 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A6AF 75 KB
76 KB 57ms
54ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e19395f4c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3D62 2 KB
1 KB 89ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7318635789907897&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame EEDB 43 B
573 B 73ms
72ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=35323

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame E668 43 B
573 B 72ms
71ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=89986

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 1DB6 85 B
481 B 89ms
60ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zona88.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647780
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: yIkm1v4JenFA6eRb8NFo0L3eZpWQv72Jo0QlFxAbot61OV9sRYMYTQ==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame 70AF
Redirect Chain

https://um.simpli.fi/lj_match?r=12303
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

65ms
63ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:26 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 74ms
70ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6771428333945828&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 79ms
75ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.6771428333945828&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 73ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4671213723486325&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 76ms
72ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.4671213723486325&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 74ms
70ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5292439897031789&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 75ms
71ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.5292439897031789&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 70ms
67ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6061486507628193&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 73ms
70ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.6061486507628193&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 157ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.695589146697168&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 73ms
70ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.695589146697168&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 79ms
71ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.17621052457725161&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 82ms
74ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.17621052457725161&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 77ms
70ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7529839723388418&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 75ms
72ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.7529839723388418&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 76ms
69ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6000849549908516&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 74ms
72ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.6000849549908516&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 158ms
64ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.04951338001479&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 75ms
72ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.04951338001479&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 158ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.22133942581828236&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 72ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.22133942581828236&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 69ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.560242859372597&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 71ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.560242859372597&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 68ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4173533753825063&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:26 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 71ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.4173533753825063&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 104ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.25445170914546544&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:27 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 71ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.25445170914546544&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 139ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9471028863942241&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:27 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 73ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.9471028863942241&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 68ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.07882137944955137&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:27 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 69ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.07882137944955137&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 1E3C 2 KB
2 KB 68ms
67ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9214935366754118&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:27 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 1E3C 42 B
265 B 70ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.zonaprediction.com%2F&event_source=dtscout&rnd=0.9214935366754118&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 66ms
61ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: KljcbwDmPyc1L8xgkkVfZmrNCrJLPC8F4r7dW9hsLOY2IbHOGIeZ1w==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 64ms
60ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: -z6KrNiKXHd_5EU5VAuWsxMHVuKIjinqb_vIspuRu9gQvis7Sy2G8g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 63ms
61ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: L9mdWzIAJoI7xMPNEaSKKyF0XStJQmm1StePXsd2CqoHB8oX0YaRMw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 65ms
62ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 7YETA3OQN2NiUVuToyoQ9mb35hV7QQqEEEtd7B1ZMtWHwV60B3Au0g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 65ms
63ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: fsapSdfCQdXkiTEwdrFJJ16Oo7mpbQ2vXP6CiLb_qXOwNKYegxDTSw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 65ms
63ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 201ocbOmXMELAW3_iALD2nMEoEJMv2gFfwpsoSxzTAcQjbJBFq9zMA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
456 B 64ms
63ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: SAJ-NXtfvQURgvaHSXRmZA_vnJNWoPdZlNJE_RhWXhFZcpB5yPww5g==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 64ms
63ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: Qkpb3c8En8TiXwYPqjYPVQIXOo2gSbohMzDVTBphWLLIcyPNezH5CQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 63ms
60ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 4nJ3AUkaSO6voP0qvQDN-Sc8MVWNEZHzAz3WjX5XYnY-CIU1w47X2w==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 72ms
66ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: Q0c_Er_GqA14PF5UZLJlCv7-UBkvHebnza3XL_zYGP3PNUveL81LzA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 114ms
109ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 2PEuxJQYu_t1yBJ7rlFfNbaqvT9ckql7oOhD4UzS7DeQDfeg_hrUHw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
453 B 118ms
111ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: l1v8zt40G8s8OtYVQ3I6ti2gpCWvoP6v1F8MAGAu0zd8_yypb0mJRw==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 117ms
112ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: Jt3gExS_vn9m5IgTF3_8C0VGldtZM3e8SBfmbjMNZNz7VYJe7e7b0w==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 116ms
110ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: lkMqG3D9HUv488KTzImvCwdI6QT3AhJaYWrQPiflvcjxfgC_vRpTEQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
455 B 115ms
110ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: Y3bB3yOkOJJgcl3XTVPY3k886WBtv7myMXuhWxfuDTNtldV2gEJgoQ==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 1E3C 50 B
454 B 113ms
109ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:34 GMT
via: 1.1 f05e3afde72874082b3c4e5699bc66ba.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36412
x-amzn-requestid: 5042b2ad-b485-4b1c-9db2-2fad786fa900
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Stbf_HOBiYcEO6A=
content-length: 50
x-amz-cf-id: 9VNWPWu44GUjG1Q7Zn8UNYUkyR_7GtiGtujsGsaz50r66R2E4xEhMQ==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 08B6 2 KB
1 KB 89ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.47357434699753287&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame CD50 2 KB
1 KB 85ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.14654110739607962&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame BC03 2 KB
1 KB 89ms
68ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.13251370067127133&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 19F8 2 KB
1 KB 86ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.11491562100993646&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame CA6F 2 KB
1 KB 136ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5714294532342294&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 35B2 2 KB
1 KB 154ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8948956030463366&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3

200

/ Show response
vip.poltar2d.info/generator-line-angka/ Frame C47F
Redirect Chain

https://vip.poltar2d.info/generator-line-angka
https://vip.poltar2d.info/generator-line-angka/

101 KB
24 KB

563ms
563ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/generator-line-angka/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

63adf76ebbacf70664877daae33e6c801800e109b1d62aa183f3909e07dbac53

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:27 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/159>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=159>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:27 GMT
location: https://vip.poltar2d.info/generator-line-angka/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 0620 0
142 B 97ms
96ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=8168&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:26 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 84D6226F3B3E4505B5351494E776C898 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKwQqaWyVm2hFk3W5Q==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame F6A5 2 KB
1 KB 152ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.2528415633634691&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame A424 2 KB
1 KB 149ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.18383501496787136&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 640F 0
0 83ms
71ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=72546
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:27 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: UgV8zdZtzZvDOH1xero6ZZJLQ_T0mQ1dW_zFB3uRqyhyN68XHuvYNA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 8488 0
0 84ms
73ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=56114
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:27 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: FZF_VIRO9s9K5gP2bdWpcwCxZh94CLrIjgjg__fTliQnXjRPX9gojw==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 4093 5 KB
2 KB 77ms
48ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3266
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: P1Z0iQ-OENRjpbGOrWxBbYcw9dXtxG8_vk4YBHDUvXqoUa-tJddppw==

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 142D 2 KB
1 KB 149ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.08578313421753658&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 9033 2 KB
1 KB 147ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6807537046232486&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3202 2 KB
1 KB 395ms
270ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.26291622826053507&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4BB4 2 KB
1 KB 208ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.38652421053422037&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4885 2 KB
1 KB 215ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.981706411056597&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 5A47 2 KB
1 KB 218ms
69ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6774624784207877&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame E203 434 B
569 B 220ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CAMBODIA%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-172437927&@b3:1707252387&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 7a81497ee50a6e29d6e3d2d4b5ccffedb97b74890cff8f65e2707fd2fa34669a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:18 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 1E3C 5 KB
2 KB 69ms
67ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3267
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: WJ01UljfNU5PvFTbR7TiIKzTVpQLw95I_0YXTEePxaDr-JTOXVd1Kw==

GET
H2

200

sync
thrtle.com/ Frame BB2E
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=92218228-39bc-478f-b82a-f4e5b53fbe91
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3

43 B
539 B

70ms
61ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:27 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3
date: Tue, 06 Feb 2024 20:46:27 GMT
server: Kestrel
content-length: 199

GET
H2

200

sovrn_standalone_beacon.js Show response
cdn.lijit.com/www/sovrn_beacon_standalone/
Redirect Chain

https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
https://cdn.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js

21 KB
21 KB

273ms
75ms

Script
text/javascript

18.238.4.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 18.238.4.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-51.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b06ca55c1eb4674bf666bee6cd0193d8e72d3ed8535b7b5df6160e0391d84fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.disksusiangka.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:12 GMT
via: 1.1 e681dabd190d3783884c0bade3bdc5ca.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 17:32:11 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 377
x-amz-server-side-encryption: AES256
etag: "b4ecf05fe49c7d270978fd43997bee50"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 21172
x-amz-cf-id: UyOW9YC2TNueecIwlkWtRN7DgpZA0Cny2-fM2ZBs4C10CT7efQsMbg==

Redirect headers

location: https://cdn.lijit.com:443/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
date: Tue, 06 Feb 2024 20:46:27 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 950D 2 KB
1 KB 215ms
68ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8322626948861593&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:27 GMT
Expires: Tue, 13 Feb 2024 20:46:27 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 204 sync
thrtle.com/ Frame C5A0 0
465 B 69ms
63ms Image
text/plain 3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame EEDB 0
142 B 104ms
95ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=70921&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0152395E84474A468BD1CE7AEB52BDA2 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKwXOA6UAgpWuk1piQ==

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 70AF 43 B
573 B 66ms
64ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=22487

Requested by

Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 273A 85 B
482 B 71ms
63ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.pangkalanhdgroup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647780
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: DXZHS0HdmxAtn43Y5Lo0qT8-6MM_g9b5xC76vnTBa0NAZoNU_ZtQIw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

rand=108927253
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/ Frame F6B6
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=108927253
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=108927253

49 B
264 B

76ms
72ms

Image
image/gif

50.16.49.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=108927253
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 50.16.49.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-49-58.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.0.168
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:27 GMT
an-x-request-uuid: c9217af3-bdb4-47de-acab-03953bd121b2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=6740019904450003240/gdpr=0/rand=108927253
x-proxy-origin: 38.132.118.71; 38.132.118.71; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5C0B 15 KB
3 KB 404ms
403ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 6D61 108 KB
13 KB 338ms
338ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6D61 227 B
284 B 385ms
384ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 6D61 2 KB
353 B 386ms
383ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 6D61 28 KB
8 KB 386ms
383ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 6D61 86 KB
29 KB 749ms
746ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 6D61 13 KB
5 KB 423ms
421ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:27 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6D61 157 KB
26 KB 39ms
37ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317911
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6D61 30 KB
7 KB 55ms
53ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674353
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e1daead7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6D61 21 KB
8 KB 40ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498512
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6D61 62 KB
16 KB 41ms
39ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268437
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 6D61 258 KB
258 KB 412ms
410ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 6D61 4 MB
4 MB 326ms
324ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:27 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 6D61 53 KB
53 KB 228ms
223ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:28 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 6D61 652 KB
652 KB 623ms
621ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:28 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 6D61 397 KB
397 KB 456ms
454ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:28 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 6D61 443 KB
443 KB 263ms
254ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 6D61 829 KB
829 KB 488ms
479ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 6D61 736 KB
736 KB 266ms
258ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 6D61 1 MB
1 MB 321ms
316ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 6D61 2 MB
2 MB 470ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 6D61 2 MB
2 MB 2166ms
2161ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 6D61 733 KB
733 KB 564ms
560ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:31 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 6D61 2 MB
2 MB 411ms
407ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 6D61 812 KB
812 KB 315ms
311ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 6D61 659 KB
659 KB 259ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 6D61 1 MB
1 MB 331ms
327ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 6D61 718 KB
718 KB 477ms
474ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 6D61 309 KB
309 KB 472ms
469ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 6D61 1 MB
1 MB 434ms
431ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 6D61 173 KB
173 KB 470ms
468ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 6D61 1 KB
1 KB 214ms
72ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 06464b1162f99c45d063f7bea0db932980df7c8a6a5e72a37db44b33f36d2ded

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
ETag: -1135181698
Content-Length: 1063
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 6D61 65 KB
65 KB 222ms
220ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 6D61 8 KB
2 KB 339ms
336ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 6D61 6 KB
2 KB 344ms
340ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 6D61 112 KB
34 KB 345ms
340ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 6D61 4 KB
2 KB 401ms
392ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 0620
Redirect Chain

https://um.simpli.fi/lj_match?r=59867
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

72ms
66ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:28 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 18E0 43 B
573 B 76ms
75ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=97099

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:28 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame BBA8 43 B
573 B 75ms
75ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=879

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:28 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 1DB6 766 B
1 KB 64ms
63ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650844
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 2IotXizsEvSOL2UPqJRurqF4ZpauDUjiJvS3fa72pyHWa3NoQXxLnw==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 273A 766 B
1 KB 65ms
64ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650844
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: TWEf4rEhxrV3-dwaUCsN13y0I97NRo6TEVJFZM8FPJoUHGOpjgntBw==

GET
H2

200

merge
ce.lijit.com/ Frame EEDB
Redirect Chain

https://um.simpli.fi/lj_match?r=39785
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

60ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:28 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:28 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 213ms
62ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.disksusiangka.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:28 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame C47F 108 KB
13 KB 292ms
286ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame C47F 227 B
273 B 296ms
291ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame C47F 2 KB
376 B 297ms
292ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame C47F 28 KB
8 KB 296ms
292ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame C47F 86 KB
29 KB 302ms
299ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame C47F 13 KB
5 KB 328ms
324ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame C47F 157 KB
26 KB 38ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317913
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C47F 30 KB
7 KB 50ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674355
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e295d477494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame C47F 21 KB
8 KB 40ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498514
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame C47F 62 KB
16 KB 41ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268439
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame C47F 258 KB
258 KB 195ms
189ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame C47F 4 MB
4 MB 450ms
443ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame C47F 53 KB
53 KB 316ms
315ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame C47F 652 KB
652 KB 587ms
587ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame C47F 397 KB
397 KB 340ms
336ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:30 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame C47F 443 KB
443 KB 323ms
314ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame C47F 829 KB
829 KB 251ms
242ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame C47F 736 KB
736 KB 261ms
252ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame C47F 1 MB
1 MB 320ms
311ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame C47F 2 MB
2 MB 356ms
348ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame C47F 2 MB
2 MB 1434ms
1427ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:33 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame C47F 733 KB
733 KB 212ms
205ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame C47F 2 MB
2 MB 250ms
243ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame C47F 812 KB
812 KB 357ms
350ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame C47F 659 KB
659 KB 472ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame C47F 1 MB
1 MB 266ms
259ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame C47F 718 KB
718 KB 250ms
244ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame C47F 309 KB
309 KB 279ms
273ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame C47F 1 MB
1 MB 280ms
275ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame C47F 173 KB
173 KB 292ms
287ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 404 jquery-1.10.2.min.js
vip.poltar2d.info/js/ Frame C47F 0
0 322ms
321ms Script
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/js/jquery-1.10.2.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
server: LiteSpeed
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame C47F 65 KB
65 KB 200ms
195ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame C47F 3 KB
1 KB 319ms
315ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame C47F 8 KB
2 KB 279ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame C47F 6 KB
2 KB 277ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame C47F 112 KB
34 KB 281ms
278ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame C47F 4 KB
2 KB 324ms
315ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 89D5 15 KB
3 KB 362ms
355ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 4C03 108 KB
13 KB 278ms
275ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 4C03 227 B
271 B 281ms
273ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 4C03 2 KB
374 B 282ms
274ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 4C03 28 KB
8 KB 281ms
274ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 4C03 86 KB
29 KB 283ms
276ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame 4C03 13 KB
5 KB 291ms
285ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 4C03 157 KB
26 KB 58ms
53ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317913
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 4C03 30 KB
7 KB 66ms
60ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674355
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e298da87494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 4C03 21 KB
8 KB 65ms
59ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498514
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 4C03 62 KB
16 KB 59ms
54ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268439
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 4C03 3 MB
3 MB 275ms
271ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 4C03 311 B
338 B 221ms
219ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame 4C03 43 B
182 B 208ms
70ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 4C03 3 KB
1 KB 262ms
259ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 4C03 8 KB
2 KB 258ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 4C03 6 KB
2 KB 258ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 4C03 112 KB
34 KB 257ms
256ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 4C03 4 KB
2 KB 261ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 820B 2 KB
1 KB 68ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.31589859186506786&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:29 GMT
Expires: Tue, 13 Feb 2024 20:46:29 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 0620 43 B
573 B 73ms
65ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=63456

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 3406 85 B
481 B 91ms
58ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647782
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: CYsK8ePqcD9dKggDTe5N18wNFy5bqotwPlai3t-PMjeC41byWGYJFw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 18E0 0
142 B 109ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=53197&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 19C48DA9C8684C298199BF072D7F50F4 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKw6HTzirt0aUKHLgw==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame BBA8 0
142 B 140ms
111ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=34681&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9A94F599B2BB4C979E113C1540909679 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKw6HpYWLBHIfwsEJA==

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame EEDB 43 B
573 B 77ms
62ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=78324

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 1A46 85 B
482 B 88ms
62ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647782
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: FpOwgZQzxp9mCLxpOswHDbLAWU88Dmih8Vm7tY149s1XY6tSTztjVw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3268 2 KB
1 KB 69ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6771428333945828&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:29 GMT
Expires: Tue, 13 Feb 2024 20:46:29 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 208ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-53227538&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 209ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-135330677&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 209ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:17147588&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 209ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-61065055&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 208ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-122649138&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 206ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-173852832&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 213ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-117078778&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 213ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:99434595&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 215ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:23459132&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 220ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-146132797&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 220ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-122336740&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:21 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 454ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-12134199&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 243ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:160317329&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 958ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:9479247&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 998ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-55808867&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame E189 438 B
573 B 1202ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-13869778&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:22 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E203 230 B
529 B 42ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame E203 231 B
530 B 44ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 23A7 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 69A7 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252385611&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=UeBLA2YAtmUfOvTRAmIj&urls=&rnd=1707252389782&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3331&bcnLcy=501

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:29 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:29 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 4093 167 B
449 B 59ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame F08C 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A843 11 KB
5 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38051
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e2caa7e2886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.velbettgroup.com/ Frame BF94 10 KB
2 KB 284ms
269ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:29 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 6153 19 KB
9 KB 419ms
417ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame DBD4 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 4984 19 KB
9 KB 75ms
74ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 649D 19 KB
9 KB 79ms
79ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:29 GMT

GET
DATA 200
OK truncated
/ Frame A843 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame A843 75 KB
76 KB 42ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 3
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e2d3fe44c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 9733 0
456 B 133ms
127ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-t: 12.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvKFSk%2FrNYJ0TC497jIVoRNUQ8y7SFp%2BIvAiKS%2Fltzy9rKCsFtv4iCaJcyO4XutuJDYLbPgmtCkejO7TZVlcjpUr4fE75tgSQsORv1LwAgHPr0SnZsbfqDqaZAJ2TlmcJ4A52cnM33RNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 85163e2d9bbedaa9-MIA
expires: Tue, 06 Feb 2024 20:50:09 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9733 33 KB
11 KB 74ms
68ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37178
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 8cuCtI2jdC0SAKHXGRU_D5ByZGJL8AnN76CVCisXo1NYLzu1RK_9UA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 9733 2 KB
3 KB 73ms
70ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 9733 0
326 B 116ms
111ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=6qwc6mlfpf&_pv=3&_ls=9&_cc=us&_pl=d&_b=chrome%40121&_cbid=228i&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-t: 0.129
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3N%2FpDg5bIiQG5gra7HB1kjWuXHCtArUPQMo000PD0aKlwGnbH%2FVZ1vQcnqqMDd3S174oHbRyC2f0FFSdvahsjgOlJ5M1jSMwySac2Gn6ehnpV9EUBC1wnrfug1fSDmv0iHnt6aIyxbM4DoI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e2daf067449-MIA
expires: Tue, 06 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 3F5D 19 KB
9 KB 426ms
424ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 788F 0
434 B 120ms
116ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-t: 8.76
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXr7HcQlJALOIHJuaj2bu3GfLhWgj9JNZ14XTAaH%2Bv1voRoXcVmtbgV9LjQEV6eH0kONTzLCY1HNI5TR4VhX7LtSwAFFr8H%2FtdpqzTeZzrnh6UcbpmQZzvQQjssYrK%2FUZJdzaLyViFIkVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163e2dec2ddaa9-MIA
expires: Tue, 06 Feb 2024 18:26:00 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 788F 33 KB
11 KB 70ms
67ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37178
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: VmagYC5ZrU-6aHKwADyTOMLKqueFgrGeviVNs4tgrY0Y2J6D9qdKVg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 788F 2 KB
3 KB 69ms
67ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 788F 0
306 B 120ms
118ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=602u201chl&_pv=3&_ls=8&_cc=us&_pl=d&_b=chrome%40121&_cbid=2v4r&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-t: 0.116
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqXDUlH5TyW1NffTGKhw68aHvBwv1yBwcJTBFBmHYH4QXbwPazvBhFfpwqyRIGcVE2EBhDzta6GMwWvgG9E3FAoXT6hnMYus1tUhbP9Y6q8ws6iG2WxT%2FtCJ5nQvJsqOwX6Giq4oyJUOSyk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e2def8b7449-MIA
expires: Tue, 06 Feb 2024 20:46:29 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame F6A0 19 KB
9 KB 72ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 8DDC 19 KB
9 KB 487ms
484ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 3F0D 19 KB
9 KB 77ms
76ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 7CCC 11 KB
5 KB 64ms
56ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38052
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e2e7e242886-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
vip.velbettgroup.com/ Frame 163E 10 KB
2 KB 272ms
270ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:30 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 8141 19 KB
9 KB 84ms
81ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 82B5 19 KB
9 KB 92ms
84ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 7CCC 75 KB
76 KB 53ms
51ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 4
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e2f4b3c4c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame B214 167 B
452 B 70ms
66ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 536A 19 KB
9 KB 81ms
80ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame C1FC 19 KB
9 KB 79ms
78ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 8841 19 KB
9 KB 202ms
202ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 035A 19 KB
9 KB 74ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame B804 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5C0B 11 KB
4 KB 53ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38052
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e30ca642886-MIA
content-length: 4547

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 6B98 2 KB
1 KB 74ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4671213723486325&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 9685 2 KB
1 KB 66ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5292439897031789&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 477A 2 KB
1 KB 67ms
67ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.695589146697168&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 4241 2 KB
1 KB 67ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6061486507628193&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame E5DE 2 KB
1 KB 65ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.17621052457725161&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame C307 2 KB
1 KB 76ms
75ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6000849549908516&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 08FA 2 KB
1 KB 65ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.04951338001479&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame A8E5 2 KB
1 KB 93ms
77ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7529839723388418&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame DF72 2 KB
1 KB 92ms
69ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.22133942581828236&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 5B53 2 KB
1 KB 101ms
72ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.560242859372597&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame A7CD 2 KB
1 KB 98ms
72ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.4173533753825063&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 17D5 2 KB
1 KB 126ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.25445170914546544&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame ED19 2 KB
1 KB 120ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9471028863942241&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame C371 2 KB
1 KB 116ms
73ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9214935366754118&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame F7D2 2 KB
1 KB 122ms
66ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.07882137944955137&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:30 GMT
Expires: Tue, 13 Feb 2024 20:46:30 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 1E3C 167 B
449 B 73ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame E203 22 KB
12 KB 58ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22813
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e322dbd2886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E203 6 KB
3 KB 127ms
108ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CAMBODIA%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-172437927&@b3:1707252387&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca42514479097e64040f72f944b9661029139dedbe3293d72b6f079dedc5aee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
x-t: 0.27
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvzwBRhymh7gauCSIKkkV%2BILEg7JPzfwDr%2FiQZQ80vGtZgFHPALOnOAAS5B8uQ3nFylbPZUNuoAGdZqreBlwJUq6oCNymUNN9ExhmkKQb0E2ezNMYOTolof%2BDE%2BgxcboSqvvNHJY9LQOcys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e322fd67449-MIA
expires: Tue, 06 Feb 2024 20:46:29 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 3406 766 B
1 KB 77ms
51ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650846
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: C4uz9o4odMvTdDZqoj6LnmmdAhB61kybbmMONLDjrlWqflBSRyJiZQ==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 1A46 766 B
1 KB 78ms
52ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650846
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: WV4vITEJIC8LtysTtvYFn9anm6M8e24SOPaSZqnAI9ThIJ8HYJCibQ==

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame A6AF 437 B
572 B 489ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-45554260&@b3:1707252391&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: d3f9dba43caac17e172315e0f2499f0dfb6c39a5a417a1cd9a2d8254d894f0af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:23 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame A6AF 18 KB
5 KB 290ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:30 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/live-cambodia/ Frame 0965
Redirect Chain

https://vip.poltar2d.info/live-cambodia
https://vip.poltar2d.info/live-cambodia/

100 KB
24 KB

317ms
316ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-cambodia/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

05751a195405a91e64941b313315418ef46034132ba967ec20ebee8002955cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:31 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/268>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=268>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:31 GMT
location: https://vip.poltar2d.info/live-cambodia/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame BB2E 0
72 B 70ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:31 GMT
content-length: 0
vary: Origin

GET
H2

200

merge
ce.lijit.com/ Frame 18E0
Redirect Chain

https://um.simpli.fi/lj_match?r=19828
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

66ms
59ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:31 GMT

GET
H2

200

merge
ce.lijit.com/ Frame BBA8
Redirect Chain

https://um.simpli.fi/lj_match?r=14865
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

70ms
63ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:31 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame C5A0 0
72 B 72ms
70ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:31 GMT
content-length: 0
vary: Origin

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame BF94 15 KB
3 KB 359ms
358ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 6746 43 B
177 B 76ms
73ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:31 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame A1B6 43 B
177 B 76ms
75ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:31 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 163E 15 KB
3 KB 354ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6D61 11 KB
5 KB 48ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38053
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e35ac672886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame 2F03 12 KB
2 KB 291ms
290ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:31 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame 6D61 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6D61 75 KB
76 KB 45ms
44ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 10
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e361f004c02-MIA
cdn-requestpullsuccess: True

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 7CCC 18 KB
5 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/rekap-angka-ct/ Frame FAE5
Redirect Chain

https://vip.poltar2d.info/rekap-angka-ct
https://vip.poltar2d.info/rekap-angka-ct/

102 KB
24 KB

337ms
335ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/rekap-angka-ct/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

50a4e0777e169413737929577ace740f7f3c6d277a8bd6d825f1acb268c02c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:32 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/189>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=189>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:31 GMT
location: https://vip.poltar2d.info/rekap-angka-ct/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame DE82 19 KB
9 KB 75ms
74ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:31 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/generator-angka/ Frame 1D72
Redirect Chain

https://vip.poltar2d.info/generator-angka
https://vip.poltar2d.info/generator-angka/

108 KB
26 KB

318ms
316ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/generator-angka/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

bf93ecaa77e87eb6545f45af92415796a578c03c3ebb07168ec6f3f79b721981

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:32 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/157>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=157>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:32 GMT
location: https://vip.poltar2d.info/generator-angka/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame 4C03 135 KB
135 KB 262ms
257ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
DATA 200
OK truncated
/ Frame 4C03 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 4C03 75 KB
76 KB 43ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 13
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e39ad064c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 89D5 11 KB
5 KB 44ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38054
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e3b0ee52886-MIA
content-length: 4547

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame CAAE 19 KB
9 KB 76ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame E189 18 KB
7 KB 50ms
42ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 25187
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e3d0a9d2886-MIA
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E189 6 KB
3 KB 119ms
112ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-53227538&@b3:1707252390&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9846a246ce03fb996f0d1cdb319424cdc2fa280dfd2016d8c99dc4bfc44b4b77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-t: 0.262
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0GXdQKNwFgZesfPuQ%2FNOPD0kKJXQga7mFMORN8IlHiGe%2F8QZ3y3d1B4Uuhg91bkHadCV5cyH%2FMAN80UaAsumTZMvT%2BbvvQJW%2FoWE2cZ32bbUFnnTr0XPCk40lEckIEF3vRwrRwXiUuzDeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e3d0da87449-MIA
expires: Tue, 06 Feb 2024 20:46:31 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 23A7 0
289 B 67ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386631&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=VICLA2YA3j_AZy5KHsa0&urls=&rnd=1707252392471&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2691&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:32 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F08C 0
289 B 66ms
63ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386829&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=cICLA2YAZJlFvqmHOrVz&urls=&rnd=1707252392478&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2638&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:32 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame DBD4 0
289 B 68ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386838&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=mICLA2YAHvQR94hnWW7q&urls=&rnd=1707252392488&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2601&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:32 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 4984 0
289 B 75ms
69ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386825&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=wICLA2YARlYyGpa7Sv6T&urls=&rnd=1707252392499&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2594&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:32 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 649D 0
289 B 67ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386834&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=cJCLA2YAW261Gn5jOKhh&urls=&rnd=1707252392542&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2614&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:32 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 2F03 15 KB
3 KB 356ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 0965 108 KB
13 KB 283ms
275ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 0965 227 B
273 B 284ms
276ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0965 2 KB
376 B 286ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 0965 28 KB
8 KB 286ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0965 86 KB
29 KB 294ms
286ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0965 13 KB
5 KB 332ms
323ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:32 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 0965 157 KB
26 KB 42ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317917
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0965 30 KB
7 KB 53ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674358
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e3dba117494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 0965 21 KB
8 KB 47ms
39ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498517
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 0965 62 KB
16 KB 48ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268442
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 0965 258 KB
258 KB 258ms
251ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 0965 4 MB
4 MB 331ms
324ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:32 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:32 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 0965 53 KB
53 KB 250ms
249ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:33 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 0965 652 KB
652 KB 339ms
337ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:33 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 0965 397 KB
397 KB 1489ms
1489ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:34 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 0965 443 KB
443 KB 436ms
429ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 0965 829 KB
829 KB 339ms
333ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 0965 736 KB
736 KB 507ms
502ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 0965 1 MB
1 MB 414ms
408ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 0965 2 MB
2 MB 407ms
402ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 0965 2 MB
2 MB 1780ms
1776ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 0965 733 KB
733 KB 256ms
252ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 0965 2 MB
2 MB 491ms
487ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 0965 812 KB
812 KB 437ms
433ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 0965 659 KB
659 KB 429ms
425ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 0965 1 MB
1 MB 502ms
499ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 0965 718 KB
718 KB 430ms
427ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 0965 309 KB
309 KB 435ms
432ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 0965 1 MB
1 MB 433ms
430ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 0965 173 KB
173 KB 249ms
247ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 0965 65 KB
65 KB 305ms
303ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0965 3 KB
1 KB 277ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0965 8 KB
2 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0965 6 KB
2 KB 281ms
279ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0965 112 KB
34 KB 275ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0965 4 KB
2 KB 276ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 18E0 43 B
573 B 63ms
60ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=71471

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 89F8 85 B
484 B 65ms
62ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647785
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: -xUXRJjLnDvPNvtJ4tTRKOfT9smDdNQNnTITq3NPipm3SWkFbSlSww==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame BBA8 43 B
573 B 63ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=98575

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame D1C7 85 B
482 B 65ms
62ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647785
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: SqFl7-bxlz0DgWIRgF88BBVA-FdFz2WORal0vkJsTk2Ta5ri23F06Q==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame DA1A 0
0 71ms
70ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34571
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:32 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: ct88D0QHI5T-sS5yquNS86mYx5WsM3KhXMM2LmsK7wKpHEzcdy-R-w==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F60D 0
0 70ms
70ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=18439
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:32 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: a1hZ7EgdAKrsDEEWWC4GrjhaeW7yfT-usW1NZ92V1IXZLn5tykPSUA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F6A0 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386843&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=MOCLA2YA_EcRhDvOtgSN&urls=&rnd=1707252392847&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2780&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:32 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:32 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 7CCC 437 B
572 B 214ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-115134069&@b3:1707252393&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: d3f9dba43caac17e172315e0f2499f0dfb6c39a5a417a1cd9a2d8254d894f0af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3F0D 0
289 B 65ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386913&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=ySCLA2YA9n5bt83YjGy3&urls=&rnd=1707252393141&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3018&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 82B5 0
289 B 66ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386957&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=5SCLA2YA00lpxWTtxsol&urls=&rnd=1707252393147&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2962&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 6153 0
289 B 87ms
87ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386771&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=ATCLA2YAOYkqhgAy6GsK&urls=&rnd=1707252393154&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3289&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 8141 0
289 B 65ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386953&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=FTCLA2YAN5cDfIolIEkX&urls=&rnd=1707252393159&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3002&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 536A 0
289 B 67ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386963&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=NTCLA2YAMicKv2NYLX30&urls=&rnd=1707252393170&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2816&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame C1FC 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386966&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=eTCLA2YAtO1uMxJwigGZ&urls=&rnd=1707252393184&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2811&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3F5D 0
289 B 81ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386840&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=kTCLA2YAmaLtMeXqqWWx&urls=&rnd=1707252393190&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3160&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C47F 11 KB
5 KB 46ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38055
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e419bff2886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 3E22 10 KB
3 KB 262ms
262ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 4C03 311 B
338 B 294ms
294ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:33 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4C03 11 KB
4 KB 48ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38055
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e419c0a2886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame DC7D 10 KB
2 KB 263ms
262ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame C903 112 KB
25 KB 378ms
377ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

683f503a051658b48c8b2d7c0c2d0342a09a3b32a6f4a2caee1ef69f1bf8548b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:33 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E668 0
72 B 72ms
70ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zona88.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:33 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame 5C0B 434 B
569 B 220ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-46018083&@b3:1707252393&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 5a079a85e9528627f4c47b354664df047dca5d28e0b30865fcd3585ea457da31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:25 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 035A 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386969&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=9TCLA2YAA43SFEDoBp3O&urls=&rnd=1707252393215&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2734&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 8DDC 0
289 B 68ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386918&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=DUCLA2YA-yuvELs-DLE6&urls=&rnd=1707252393221&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3142&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
DATA 200
OK truncated
/ Frame C47F 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame C47F 75 KB
76 KB 43ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 7
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e41da294c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame B804 0
289 B 69ms
68ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252386960&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=zUCLA2YAk4dr06MK8Kfi&urls=&rnd=1707252393270&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2772&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 8841 0
289 B 69ms
69ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252387130&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=6UCLA2YA1rWQeLoV3-d7&urls=&rnd=1707252393277&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=2865&bcnLcy=1327

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame CD56 19 KB
9 KB 73ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 1177 19 KB
9 KB 76ms
75ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame D58F 19 KB
9 KB 80ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame FEE7 19 KB
9 KB 78ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 5EC2 19 KB
9 KB 74ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 7736 19 KB
9 KB 72ms
71ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame B11C 19 KB
9 KB 73ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:33 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame A478 19 KB
9 KB 73ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame A17B 19 KB
9 KB 72ms
71ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame F57F 19 KB
9 KB 72ms
71ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame E4FE 19 KB
9 KB 77ms
77ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame A843 18 KB
5 KB 277ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 1CAE 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame E4BE 19 KB
9 KB 72ms
71ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame BD2B 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 3E3A 19 KB
9 KB 73ms
72ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame A843 437 B
572 B 205ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-144292154&@b3:1707252395&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: d3f9dba43caac17e172315e0f2499f0dfb6c39a5a417a1cd9a2d8254d894f0af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:26 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame FAE5 108 KB
13 KB 275ms
274ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame FAE5 227 B
273 B 285ms
283ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame FAE5 2 KB
376 B 287ms
285ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame FAE5 28 KB
8 KB 287ms
286ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame FAE5 86 KB
29 KB 294ms
293ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame FAE5 13 KB
5 KB 331ms
330ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame FAE5 157 KB
26 KB 37ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317919
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame FAE5 30 KB
7 KB 45ms
43ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674360
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e49e81c7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame FAE5 21 KB
8 KB 38ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498519
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame FAE5 62 KB
16 KB 37ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268444
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame FAE5 258 KB
258 KB 316ms
314ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:34 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame FAE5 4 MB
4 MB 330ms
327ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:34 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame FAE5 53 KB
53 KB 249ms
249ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame FAE5 652 KB
652 KB 263ms
262ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame FAE5 397 KB
397 KB 249ms
248ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame FAE5 443 KB
443 KB 186ms
179ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame FAE5 829 KB
829 KB 236ms
229ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame FAE5 736 KB
736 KB 249ms
242ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame FAE5 1 MB
1 MB 353ms
346ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame FAE5 2 MB
2 MB 359ms
353ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame FAE5 2 MB
2 MB 3144ms
3139ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame FAE5 733 KB
733 KB 357ms
352ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame FAE5 2 MB
2 MB 424ms
419ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame FAE5 812 KB
812 KB 234ms
230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame FAE5 659 KB
659 KB 216ms
212ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame FAE5 1 MB
1 MB 360ms
357ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame FAE5 718 KB
718 KB 230ms
227ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame FAE5 309 KB
309 KB 285ms
282ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame FAE5 1 MB
1 MB 216ms
213ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame FAE5 173 KB
173 KB 352ms
350ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame FAE5 65 KB
65 KB 187ms
185ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame FAE5 3 KB
1 KB 299ms
297ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame FAE5 8 KB
2 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame FAE5 6 KB
2 KB 275ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame FAE5 112 KB
34 KB 285ms
283ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame FAE5 4 KB
2 KB 306ms
298ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
DATA 200
OK truncated
/ Frame E203 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 1D72 108 KB
13 KB 285ms
281ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 1D72 227 B
273 B 296ms
293ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 1D72 2 KB
522 B 297ms
293ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 425
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 1D72 28 KB
8 KB 298ms
295ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 1D72 86 KB
29 KB 307ms
304ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 1D72 13 KB
5 KB 344ms
341ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:34 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 1D72 157 KB
26 KB 36ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317919
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 1D72 30 KB
7 KB 47ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674360
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e4ab9967494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 1D72 21 KB
8 KB 39ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498519
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 1D72 62 KB
16 KB 40ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268444
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 1D72 258 KB
258 KB 359ms
357ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:34 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 1D72 4 MB
4 MB 256ms
254ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:34 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 1D72 53 KB
53 KB 228ms
222ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 1D72 652 KB
652 KB 204ms
203ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 1D72 397 KB
397 KB 272ms
270ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 1D72 443 KB
443 KB 274ms
268ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 1D72 829 KB
829 KB 272ms
266ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 1D72 736 KB
736 KB 346ms
339ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 1D72 1 MB
1 MB 359ms
353ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 1D72 2 MB
2 MB 505ms
499ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 1D72 2 MB
2 MB 2019ms
2013ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 1D72 733 KB
733 KB 346ms
340ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 1D72 2 MB
2 MB 347ms
341ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 1D72 812 KB
812 KB 363ms
357ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 1D72 659 KB
659 KB 344ms
339ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 1D72 1 MB
1 MB 380ms
375ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 1D72 718 KB
718 KB 353ms
348ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 1D72 309 KB
309 KB 553ms
548ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 1D72 1 MB
1 MB 333ms
328ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 1D72 173 KB
173 KB 358ms
354ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 1D72 65 KB
65 KB 214ms
210ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 1D72 3 KB
1 KB 327ms
323ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 1D72 8 KB
2 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2473
expires: Tue, 13 Feb 2024 20:38:53 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 1D72 6 KB
2 KB 276ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 1D72 112 KB
35 KB 294ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35895
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 1D72 4 KB
2 KB 331ms
324ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1641
expires: Tue, 13 Feb 2024 20:40:01 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 9733 5 KB
2 KB 64ms
62ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3274
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 9yJuEJ8App-2NBZFXaPEMru-dK7GWADvp-XqrZi7_VXAvfYO22q-Pw==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 788F 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3274
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 42K-_eijnVm2o-kVV_zuQIKykGuFx_aumLCrcnGJjeWw8hxS51W_og==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 9733 2 KB
2 KB 67ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.00897160491019&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:34 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 9733 42 B
265 B 68ms
68ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.00897160491019&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 788F 2 KB
2 KB 67ms
66ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3383460864782817&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:34 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 788F 42 B
265 B 70ms
69ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2F&event_source=dtscout&rnd=0.3383460864782817&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:34 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 89F8 766 B
1 KB 65ms
62ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650850
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: DTM1vnbFqfr-VXHnXkITmvS8OZFcbe1hdR225ShOQGaVBV5jINIJ5Q==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame D1C7 766 B
1 KB 63ms
63ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650850
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: VQgYHKhky_irxPlQdQs7sVRJj1ajluuznQ3DSSOQUnTharkBgNsiGQ==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 4093 43 B
177 B 70ms
68ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:34 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame A6AF 16 KB
6 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30514
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e4bbfd62886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A6AF 6 KB
3 KB 123ms
122ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-45554260&@b3:1707252391&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c404e4b9b3f4087d455585b788c8a83a81fe7c6467215cf37ab5f95b9db0fa1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:34 GMT
x-t: 0.289
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYMJ5oarabLl%2F9DMpkpw1%2F6zVpjWgQw0jK0vKJ7yb1QDXsssDlkRprmn9tWrm56Z%2BO%2FGtTLHm6FEHzUB68RyKW1sTq4LrazojDasLGpPQiveu2tRxE1MB2ZnGoi80OMbktb465LKEBTcAhw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e4bbac27449-MIA
expires: Tue, 06 Feb 2024 20:46:33 GMT

GET
H3 200 / Show response
vip.poltar2d.info/buku-mimpi-2d/ Frame F3D9 116 KB
28 KB 316ms
316ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/buku-mimpi-2d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

126d9136b20fe3334b955b345b30d01d3b741600201437d3c63edaa9559aa277

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/generator-line-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:35 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/216>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=216>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

GET
H3

200

/ Show response
vip.badutprediction.info/rekap-angka-3d/ Frame B2C4
Redirect Chain

https://vip.badutprediction.info/rekap-angka-3d
https://vip.badutprediction.info/rekap-angka-3d/

120 KB
24 KB

472ms
471ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/rekap-angka-3d/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d10b51032596c08f0871314c0b25101733ed056d995a43474baf2d3a06560fdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/prediksi-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:35 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/151>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=151>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:35 GMT
location: https://vip.badutprediction.info/rekap-angka-3d/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 6746 43 B
573 B 61ms
60ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=79150

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:35 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame A1B6 43 B
573 B 61ms
60ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=27345

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:35 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E203 0
454 B 87ms
85ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-t: 1.6
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEXPpg0Jc6914EPd73JFnoxMQr8zMX4rhMFG2JKpr1a53sBJTusDRjsPBLUUNE084uTlr11SDLCDWAZ6sRRtQeKH9%2BUvM%2FbXEPA1Jb5x2ZBDQiTJPldKPCTl9C0WUvG3Vk912Q76eZpE2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163e4dbdc4daa9-MIA
expires: Tue, 06 Feb 2024 20:44:02 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E203 33 KB
11 KB 68ms
67ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37183
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: u_NWxbbptht15OjMcfvFVguLh93IXQDObZRlqTN3d_jt_WNtDT2jUg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame E203 2 KB
3 KB 69ms
68ms Script
application/javascript 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:35 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E203 0
332 B 126ms
126ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=3ea10jbm6h&_pv=4&_ls=16&_cc=us&_pl=d&_b=chrome%40121&_cbid=591x&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-t: 0.193
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BbZ2MsrUFzF185Ub0zKqNZmLwUqoczMcxDplyMcenAMDiXe%2FY7zzrjSL17gdpMMaIST32ycKsKZ4qq%2FNVawAPsJqeJMnxavP1eiHMm7HXboCt%2FyJm9qBYUp4IDf9G0967kVTSHB3jY0HrU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e4dbf4e7449-MIA
expires: Tue, 06 Feb 2024 20:46:34 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 3E22 15 KB
3 KB 355ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame DC7D 15 KB
3 KB 356ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame C903 108 KB
13 KB 341ms
336ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame C903 227 B
284 B 348ms
339ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame C903 2 KB
353 B 370ms
361ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame C903 28 KB
8 KB 370ms
359ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame C903 86 KB
29 KB 1158ms
1148ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame C903 13 KB
5 KB 429ms
419ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame C903 157 KB
26 KB 45ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317919
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame C903 30 KB
7 KB 59ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674361
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e4f39e27494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame C903 21 KB
8 KB 49ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498520
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame C903 62 KB
16 KB 49ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268445
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame C903 0
0

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame C903 4 MB
4 MB 260ms
250ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:35 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame C903 53 KB
53 KB 400ms
399ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame C903 652 KB
652 KB 201ms
200ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame C903 397 KB
397 KB 247ms
245ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame C903 443 KB
443 KB 276ms
270ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame C903 829 KB
829 KB 248ms
242ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame C903 736 KB
736 KB 368ms
362ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame C903 1 MB
1 MB 291ms
286ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame C903 2 MB
2 MB 374ms
369ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame C903 2 MB
2 MB 1915ms
1910ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame C903 733 KB
733 KB 278ms
274ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame C903 2 MB
2 MB 481ms
477ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame C903 812 KB
812 KB 333ms
329ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame C903 659 KB
659 KB 232ms
228ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame C903 1 MB
1 MB 295ms
291ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame C903 718 KB
718 KB 554ms
551ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame C903 309 KB
309 KB 223ms
220ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame C903 1 MB
1 MB 291ms
288ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame C903 173 KB
173 KB 224ms
221ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame C903 1 KB
1 KB 208ms
70ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 06464b1162f99c45d063f7bea0db932980df7c8a6a5e72a37db44b33f36d2ded

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:39 GMT
Connection: close
ETag: -1135181698
Content-Length: 1063
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame C903 65 KB
65 KB 176ms
173ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame C903 8 KB
2 KB 337ms
336ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame C903 6 KB
2 KB 337ms
336ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:38 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame C903 112 KB
34 KB 343ms
337ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 frontend.js Show response
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame C903 4 KB
2 KB 391ms
385ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame B214 43 B
177 B 78ms
66ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:35 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 70AF 0
72 B 72ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:35 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 0620 0
72 B 72ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:35 GMT
content-length: 0
vary: Origin

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A6AF 230 B
529 B 35ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A6AF 231 B
530 B 36ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame BF94 11 KB
5 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38057
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e4fefce2886-MIA
content-length: 4547

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame 6D61 18 KB
5 KB 340ms
340ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:35 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 1E3C 43 B
177 B 120ms
117ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:35 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 163E 11 KB
4 KB 49ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38057
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e5048942886-MIA
content-length: 4547

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame 6D61 436 B
571 B 499ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:75194812&@b3:1707252396&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 29b675d9faa66d452ad1ff7d3497963701215c52aeea160023a66a8ccaf7737d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:27 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 7CCC 230 B
529 B 35ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 7CCC 231 B
530 B 35ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame DE82 0
289 B 67ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252389526&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2Flive-japan%2F&qs=na&cc=US&cont=NA&evid=66CLA2YAuyt8lSrxcpK6&urls=&rnd=1707252395708&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3862&bcnLcy=1852

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:35 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:35 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame F3D9 108 KB
13 KB 278ms
276ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame F3D9 227 B
273 B 279ms
275ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame F3D9 2 KB
376 B 280ms
276ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame F3D9 28 KB
8 KB 282ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame F3D9 86 KB
29 KB 289ms
286ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame F3D9 13 KB
5 KB 321ms
317ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:36 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame F3D9 157 KB
26 KB 37ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317920
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F3D9 30 KB
7 KB 46ms
43ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674362
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e54ed1e7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame F3D9 21 KB
8 KB 38ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498521
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame F3D9 62 KB
16 KB 39ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268446
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame F3D9 258 KB
258 KB 281ms
279ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame F3D9 4 MB
4 MB 273ms
271ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:36 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame F3D9 53 KB
53 KB 291ms
289ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame F3D9 652 KB
652 KB 254ms
247ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame F3D9 397 KB
397 KB 302ms
302ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:37 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame F3D9 443 KB
443 KB 497ms
492ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame F3D9 829 KB
829 KB 211ms
206ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame F3D9 736 KB
736 KB 227ms
222ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame F3D9 1 MB
1 MB 307ms
303ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame F3D9 2 MB
2 MB 471ms
467ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame F3D9 2 MB
2 MB 1234ms
1230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame F3D9 733 KB
733 KB 308ms
305ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame F3D9 2 MB
2 MB 286ms
282ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame F3D9 812 KB
812 KB 283ms
279ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame F3D9 659 KB
659 KB 246ms
242ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame F3D9 1 MB
1 MB 467ms
464ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame F3D9 718 KB
718 KB 349ms
345ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame F3D9 309 KB
309 KB 241ms
237ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame F3D9 1 MB
1 MB 496ms
492ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame F3D9 173 KB
173 KB 260ms
257ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame F3D9 65 KB
65 KB 599ms
596ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:39 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame F3D9 3 KB
1 KB 280ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F3D9 8 KB
2 KB 278ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F3D9 6 KB
2 KB 278ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F3D9 112 KB
34 KB 276ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:38 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame F3D9 4 KB
2 KB 283ms
282ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 823F 0
0 70ms
69ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=48941
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:36 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: eB0KWyQPBFFz_lu4SvRpbSXGbG8Ssqm9YelBSFCFhtQso72-ZW5WRg==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 89D5 437 B
572 B 211ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-73688259&@b3:1707252396&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:28 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame EEDB 0
72 B 74ms
73ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:36 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame BBA8 0
72 B 73ms
73ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:36 GMT
content-length: 0
vary: Origin

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame CAAE 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252389636&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=GGDLA2YAoQT0lgLH22FY&urls=&rnd=1707252396424&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3957&bcnLcy=1852

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:36 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2F03 11 KB
5 KB 43ms
42ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38058
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e55eb532886-MIA
content-length: 4547

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 6746 0
140 B 86ms
85ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=35175&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E7F614B428694052B02553512B1BD99A Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKyii/n6qxfYk4wcrQ==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame A1B6 0
142 B 117ms
117ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=26328&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:36 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0061ED7114F141E68378DB26A5F38A4C Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKyik61QgFg1NNZdhg==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 18E0 0
72 B 68ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:36 GMT
content-length: 0
vary: Origin

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 93CD 0
0 82ms
82ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=4875
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:36 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: 7Gst0LYYFXltjuDmUXuczM_UBjJwMxbFmhe5BWjRk3NInPiEY-wO7Q==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame C47F 437 B
572 B 477ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:43992147&@b3:1707252397&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 179b3d2ef75f467a200f6cd59ecc94275e3459142e33f64e5bfff45414c47b1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame C47F 18 KB
5 KB 279ms
278ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame B2C4 108 KB
13 KB 263ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame B2C4 227 B
271 B 265ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame B2C4 2 KB
374 B 266ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame B2C4 28 KB
8 KB 266ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame B2C4 86 KB
29 KB 271ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame B2C4 13 KB
5 KB 290ms
285ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame B2C4 157 KB
26 KB 39ms
33ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317921
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B2C4 30 KB
7 KB 50ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674363
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e598c057494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame B2C4 21 KB
8 KB 41ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498522
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame B2C4 62 KB
16 KB 40ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268446
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame B2C4 3 MB
3 MB 266ms
261ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame B2C4 82 KB
29 KB 74ms
67ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:10:56 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame B2C4 311 B
338 B 455ms
454ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:38 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame B2C4 43 B
182 B 214ms
68ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:39 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame B2C4 3 KB
1 KB 277ms
276ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B2C4 8 KB
2 KB 274ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B2C4 6 KB
2 KB 262ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B2C4 112 KB
34 KB 261ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 frontend.js Show response
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame B2C4 4 KB
2 KB 276ms
274ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 7CCC 16 KB
6 KB 79ms
74ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30517
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e599a3a2886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 7CCC 6 KB
3 KB 170ms
166ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-115134069&@b3:1707252393&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0fd0e3f4544145c8b73ead2b742521c858628fec1a3f693bb1fc0fcfc90bd31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-t: 0.289
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Ba16aB%2BbZSd4qlO8WveiOlMbl6TJetEpVg1VmN9I21yaA3xoC3IXRlQILTkyMjeltyb7hrZngVhBDtsZFe9HC5a30Gmhhh2H1Fe2h1J6gHLFXsb8GwZC%2Bu3J5Y690DSzFTgW19H7d0JGo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e599f777449-MIA
expires: Tue, 06 Feb 2024 20:46:36 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 6746 0
72 B 72ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w1.bungaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:37 GMT
content-length: 0
vary: Origin

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A558 0
0 71ms
70ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=87750
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:37 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: KRlxD348EmAfd4ItRkaSUChZkTskJnAWqQ8plDxfzTLEB7cgtF9VVA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2

200

sync
thrtle.com/ Frame E668
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://loadm.exelator.com/load/?p=204&g=1133&j=0
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f

43 B
539 B

64ms
59ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zona88.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:37 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:37 GMT
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2

200

sync
thrtle.com/ Frame 70AF
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://loadm.exelator.com/load/?p=204&g=1133&j=0
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f

43 B
540 B

66ms
61ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f
Requested by: Host: vip.disksusiangka.info
URL: https://vip.disksusiangka.info/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.pangkalanhdgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:37 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:37 GMT
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=869cad0e055a923bfc79c1b3588fa41f
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame CD56 0
289 B 68ms
67ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390548&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=QUDLA2YA4rN5lY8kAVNm&urls=&rnd=1707252397330&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=4024&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame D58F 0
289 B 67ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390616&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=XUDLA2YArp_X1Z2j2znQ&urls=&rnd=1707252397337&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=4004&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 1177 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390611&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=lUDLA2YAipKFPh7UIfYi&urls=&rnd=1707252397352&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=4029&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 5C0B 22 KB
12 KB 51ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22820
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e5bae882886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5C0B 6 KB
3 KB 119ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-46018083&@b3:1707252393&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3028b41b6464c2841402e5cbc156645e5ea5c708af27411c679e188d92f7eeae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-t: 0.282
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26M3%2FJU7ZKgKaJpLb7B4ok8TfQNGox%2Bj%2BVRnc%2FyXvI%2Fp3uIbm8qvuMxP1UnZ%2FjQLjaGFdszFRDfM23YW4jMsCuL29FUbyatQNjzB1FzPCxv9Pi04ctuJ5k3SyvKZeU8CDiXJQTCLkbn4hDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e5bab3a7449-MIA
expires: Tue, 06 Feb 2024 20:46:36 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame FEE7 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390621&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=0UDLA2YAAZMK8C4j9UtJ&urls=&rnd=1707252397366&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=4011&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 5EC2 0
289 B 65ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390619&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=sVDLA2YAtGwyOj9I3kBn&urls=&rnd=1707252397422&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=4039&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 7736 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390624&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=-VDLA2YA9UtivX5_klFi&urls=&rnd=1707252397441&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3987&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame B11C 0
289 B 73ms
72ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390630&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=QWDLA2YAKnYzh0m772n6&urls=&rnd=1707252397461&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3990&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame A478 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390633&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=bWDLA2YAm_K0Z7WyZ35w&urls=&rnd=1707252397471&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3234&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame A17B 0
289 B 67ms
66ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390637&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=jWDLA2YAQa_mmuG-hbMJ&urls=&rnd=1707252397476&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3221&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F57F 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390645&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=oWDLA2YAYtPMz53axNdd&urls=&rnd=1707252397482&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3118&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 1CAE 0
289 B 65ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390670&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=uWDLA2YAs-3Uj16CgZU9&urls=&rnd=1707252397487&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3085&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame E4FE 0
289 B 77ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390661&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=2WDLA2YAtrfPWfXB-Kie&urls=&rnd=1707252397496&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3112&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E189 0
575 B 90ms
88ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-t: 4.59
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LTx2mMZWNzRnpZuGJjUsaoVVJF5W1oHbA%2BJpIWCsG%2FxO3t%2FO2c3kxAG6lGNTFCjEwq1HKcQpuWwTLn9dN0wAWeV34BSmj49X3SYsHJOMTftIhA4Ex4OYsLmoakAcxuUbopJm6%2BiSWkKcWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e5c8b8bdaa9-MIA
expires: Tue, 06 Feb 2024 20:20:54 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E189 33 KB
11 KB 69ms
68ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37185
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 3HiwpjSEjQnYTDc4hYGAs4_7oVeQwXJ-UeiJQkedCQzBBH0HlQxdoQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E189 0
295 B 115ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=2nr423akbd&_pv=3&_ls=12&_cc=us&_pl=d&_b=chrome%40121&_cbid=6qyl&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
x-t: 0.101
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12AbgWQpaeLBhK%2BY7SMG3Y%2BN6cjuIsHmt%2F%2BhMh0ZEPh8QA6M0n28f84F6xJoWe3pzvOP3wnYVFy4aijDj%2B6y%2BZQw%2BZTevRd23W7TzqvdZupOnxXkp9TTO5iOjeixrcc1WUnty2u3q79ScOY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e5c8d847449-MIA
expires: Tue, 06 Feb 2024 20:46:36 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame E4BE 0
289 B 65ms
64ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390674&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=vXDLA2YA67l003aGZ6Xx&urls=&rnd=1707252397553&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3091&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame BD2B 0
289 B 66ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390677&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=2XDLA2YAHIl78VHyEvon&urls=&rnd=1707252397560&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3083&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 3E3A 0
289 B 65ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252390683&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.zonaprediction.com&pn=%2F&qs=na&cc=US&cont=NA&evid=-XDLA2YAKaQKEmRAE1VM&urls=&rnd=1707252397568&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=3074&bcnLcy=764

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:37 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A843 230 B
529 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame A843 231 B
530 B 34ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame 4C03 18 KB
5 KB 260ms
260ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:37 GMT

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame 4C03 434 B
569 B 212ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:145890118&@b3:1707252398&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: bd6138dde6b4ab04fd8d41eeb59a9074377109f6a6d9acf080f1d1051654d80a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:29 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 9733 167 B
449 B 60ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame 788F 167 B
451 B 60ms
60ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 live-cambodia.php Show response
w1.bungaprediction.com/ Frame 686D 858 B
481 B 344ms
342ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/live-cambodia.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

41385bdd87e63df80bd433590b3ec341e26b8b3e3581f82fa0adc036be2f4eb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 415
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:37 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 0965 11 KB
5 KB 55ms
55ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38059
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e5e0a8a2886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 2C63 10 KB
2 KB 263ms
263ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:37 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame FAE5 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0965 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 0965 75 KB
76 KB 43ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 11
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e5edc334c02-MIA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame 1D72 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A6AF 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame A1B6 0
72 B 75ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:38 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 4093 43 B
573 B 68ms
65ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=34042

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2

200

merge
ce.lijit.com/ Frame 6746
Redirect Chain

https://um.simpli.fi/lj_match?r=51001
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

64ms
59ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:38 GMT

GET
H2

200

merge
ce.lijit.com/ Frame A1B6
Redirect Chain

https://um.simpli.fi/lj_match?r=69248
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

64ms
61ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:38 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:38 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame B214 43 B
573 B 63ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=51762

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame A843 16 KB
6 KB 67ms
62ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30518
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e631e432886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A843 6 KB
3 KB 117ms
113ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-144292154&@b3:1707252395&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8648ee4d446d8ba16cb4056375e4df17b80451ccf2c2c8599e2951da37e7067a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-t: 0.246
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4BmwiUnbK23AXSgKA%2BLFwCzB7csZ5gQwd2la0J76r%2F72vH9pcDOsYkdN39Rdvci7nzi35%2FEuNotLFQ7Fc2zuqAT3mhpLQnNd0GuiQ4usvFBfg1HWUrsU7CfZRHy5%2FQbHAeIfUyJmH8TOgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e630b357449-MIA
expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 1E3C 43 B
573 B 64ms
60ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=20607

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame BF94 437 B
572 B 208ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-127186334&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 8109 2 KB
1 KB 67ms
64ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.00897160491019&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:38 GMT
Expires: Tue, 13 Feb 2024 20:46:38 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 8848 2 KB
1 KB 71ms
69ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3383460864782817&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:38 GMT
Expires: Tue, 13 Feb 2024 20:46:38 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A6AF 0
446 B 98ms
92ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-t: 3.86
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CICwaTzVZ%2Fa3k%2B6jwRV48KMD8ga%2FvQn1U27%2BQGQmVyLxIJy5O4IelIVdTV%2B7jeSFREn8MYwrbQCbbbl7BltQ%2BTgrVXXiW5aU33EjtmyIDjBW12L%2FwdhHzDYIxZPbgCmsq2VRONF3IBibw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e6358c8daa9-MIA
expires: Tue, 06 Feb 2024 20:20:55 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A6AF 33 KB
11 KB 74ms
68ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37186
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: foSAdw8HfYBVfkQqzGGudgTzkG5qVEgYzMwFiWjARy3qXQDajgqNzw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A6AF 51 B
341 B 120ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5rlr&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23ef3eb47dd85023cae337c5ea15c4608bd89e3f847dc0a05f507bf65f8b7604

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-t: 0.166
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGRPdyvgont3PSqyhuapb7fLrLXIf6a%2FmPYcSfGJPO9juZExbkYTjH3bi1%2FiWdSl9TpGWZexXyUUIk%2BwCZfMq4nU2dfcQNz1019JinsEKXUFbrSul%2FLj0Mmiibw4%2Ff%2BSFl8IIf3ZLt%2FxbLU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e635bb87449-MIA
expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame FAE5 11 KB
5 KB 74ms
67ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38060
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e636f162886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame CF4E 10 KB
2 KB 267ms
265ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame FAE5 75 KB
76 KB 45ms
45ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 12
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e637b164c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 163E 437 B
572 B 218ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-168085972&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 3E22 11 KB
5 KB 66ms
58ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38060
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e63f8612886-MIA
content-length: 4547

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame DC7D 11 KB
4 KB 58ms
50ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38060
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e63f8652886-MIA
content-length: 4547

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 1D72 11 KB
4 KB 57ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38060
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e63f8662886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 6F0E 10 KB
2 KB 264ms
262ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:38 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3

200

/ Show response
vip.poltar2d.info/live-hongkong/ Frame 4FE2
Redirect Chain

https://vip.poltar2d.info/live-hongkong
https://vip.poltar2d.info/live-hongkong/

100 KB
24 KB

332ms
331ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-hongkong/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

7a2295dc8699be843b85d3f72772ae839c804e6de68db1cb6c8bd7e4646334d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/live-cambodia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/253>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=253>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:38 GMT
location: https://vip.poltar2d.info/live-hongkong/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 2C63 15 KB
3 KB 355ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:38 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E668 0
72 B 71ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zona88.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:38 GMT
content-length: 0
vary: Origin

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 1D72 75 KB
76 KB 50ms
48ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 12
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e647c464c02-MIA
cdn-requestpullsuccess: True

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 4093 0
72 B 70ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:38 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame E203 2 KB
2 KB 69ms
65ms Script
application/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.029784237028645855&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Tue, 06 Feb 2024 21:46:38 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame E203 42 B
265 B 74ms
70ms Image
image/gif 3.13.249.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-singapore%2F&event_source=dtscout&rnd=0.029784237028645855&exptid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D&fcmp=false

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.13.249.153 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-13-249-153.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E203 5 KB
2 KB 67ms
62ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3278
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 8rf3alPrGeLTfeO38_SqYVPrKsIMXhqgdxIc04hGDbO5XQf66HhAiw==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 6D61 13 KB
4 KB 57ms
53ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39032
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e64ea8a2886-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6D61 6 KB
3 KB 163ms
160ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:75194812&@b3:1707252396&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4abb1179843f3509c562e4d3fb3d9c54b785a86b78af67266cbf0a5be12c83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-t: 0.303
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m022uOybqc8Ffy2mtGiAvZ9mbEqQq%2FuHI2FrsubHqNNWT%2Bg%2FSdukf46SjEkqimytYiJU77gF1ijUVkM0g%2BH5Rm%2FzAMC9IiMl4Jv2MjQMmZQyGBnvpWrxxycgYgCd%2FwTRfaRuozOBMJkCAek%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e64df147449-MIA
expires: Tue, 06 Feb 2024 20:46:37 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/rekap-angka-4d/ Frame FAB9
Redirect Chain

https://vip.poltar2d.info/rekap-angka-4d
https://vip.poltar2d.info/rekap-angka-4d/

172 KB
46 KB

315ms
314ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/rekap-angka-4d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

863ffece3af30258029cc8755d9dfaf20590cbb0614dd6d76616adb49fc08ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/rekap-angka-ct/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/153>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=153>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
location: https://vip.poltar2d.info/rekap-angka-4d/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B214 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:39 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 202ms
66ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:196656442&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 202ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:5913091&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 205ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:66015426&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 205ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:159547558&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 207ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-75093894&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 212ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-94677402&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:30 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 207ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:71490842&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 211ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-85998362&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 210ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:120344782&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 212ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:18508216&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 210ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:186438879&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 207ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:126592286&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 210ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-101101215&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 207ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-7938299&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 212ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-120497300&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php Show response
s4.histats.com/stats/ Frame 2F03 438 B
573 B 211ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-170731910&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 4093 0
142 B 85ms
85ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=18231&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:38 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 252996B7D27C492894AD1A46AEB719EF Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKzKPRFBPvcdFblEpQ==

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 89D5 18 KB
8 KB 62ms
62ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74833
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e664e082886-MIA
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 89D5 6 KB
3 KB 115ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-73688259&@b3:1707252396&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26b09f49911de2da4ad461b4c4ea693f95118f89fca3a8bb51ee600c454a47df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 0.244
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jlvGxgixrff8zRFlZnuNldqHS69s4I32X4cxDzxICVabF5sOpv0L467Lld2rUafZVNga6te1Ggvb9%2FZbNP%2BjY9%2FI4Vr%2BNhaSFDOghqPRAGDB2gNe4udKqkIkacQikUUfSiZo%2BKPKc3Pi4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e66499f7449-MIA
expires: Tue, 06 Feb 2024 20:46:38 GMT

GET
DATA 200
OK truncated
/ Frame C903 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 live-draw-cambodia.php Show response
rankcrack.com/ Frame 33B5 654 B
751 B 864ms
861ms Document
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/live-draw-cambodia.php
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/live-cambodia.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eabf72c7d6a11c857067258034dc0290fb7902b5f2f0e1d45e4ea4259d7c055

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85163e675b249af1-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INy5mjD6uMI%2FzWtFH74kprT0sul16ub%2B6JQO5GuG2kTLgdr2XGfv%2F6D9gydim%2BGfULANf5twFH9%2BKk5%2FqoJo0oKmwCJUDJhERrFOkq0E%2BQp4gYPgzfncZlN7BQChti45HC4whoPJicLnaeU8"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 686D 11 KB
5 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/live-cambodia.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38061
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e6758702886-MIA
content-length: 4547

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-hongkong/ Frame 0AEB
Redirect Chain

https://vip.poltar2d.info/paito-warna-hongkong
https://vip.poltar2d.info/paito-warna-hongkong/

274 KB
38 KB

317ms
316ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-hongkong/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

890f731ed09f30d934fbf4c9e2f4a8a0460db2a35dd75f2862910fd8dfd5c39f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/generator-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/95>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=95>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
location: https://vip.poltar2d.info/paito-warna-hongkong/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 1E3C 0
72 B 70ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:39 GMT
content-length: 0
vary: Origin

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame C47F 16 KB
6 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30519
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e6798de2886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame C47F 6 KB
3 KB 124ms
124ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:43992147&@b3:1707252397&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deaee4eecb23f7ed8bb1c5dda80bcf6b71419b47441cad9c32090de442a375d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 0.281
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mW5msm6fvAbMu6OIDnZCtlLOLOfhMDzlJ8nASoSIDiUjwN3RKp2sSpzpRyAvnWiaftHFP691R7ga5fcsWOQuIYLKWvtlUpN0EvJZZ86a79PWQPVJgcckcfNyc1Te%2BUMiiMOzx6PVCYngB7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e679c267449-MIA
expires: Tue, 06 Feb 2024 20:46:38 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 70AF 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.pangkalanhdgroup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:39 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 6746 43 B
573 B 62ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=50251

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:39 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7CA5 85 B
482 B 63ms
62ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647792
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: l5S_eFUT_lG_N-UiJpJrunQSg0GnsTAKwaylePRk97Ox3z6-pDArbg==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame CF4E 15 KB
3 KB 359ms
358ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame B2C4 135 KB
135 KB 261ms
260ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame A1B6 43 B
573 B 63ms
62ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=19289

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:39 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame BC30 85 B
482 B 63ms
62ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647792
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: P-GI29FMt-5Fm1J6tKUj6lfLTUI3WU6DUoL8MKPAxtOxRnGh2YzITg==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 6F0E 15 KB
3 KB 355ms
355ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
DATA 200
OK truncated
/ Frame 7CCC 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame B214 0
142 B 90ms
88ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=7607&pu=https://vip.badutprediction.info/live-japan/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: CC93AF2C8C14441A99A6B082FE19F695 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKzSWXnAO3yRbC3gOg==

GET
H2

200

sync
thrtle.com/ Frame 0620
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://sync.srv.stackadapt.com/sync?nid=throtle
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399

43 B
539 B

63ms
61ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:39 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399
Date: Tue, 06 Feb 2024 20:46:39 GMT
Connection: keep-alive
Content-Length: 120
Content-Type: text/html; charset=utf-8

GET
H2

200

sync
thrtle.com/ Frame EEDB
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://sync.srv.stackadapt.com/sync?nid=throtle
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399

43 B
539 B

61ms
59ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:39 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1707252399
Date: Tue, 06 Feb 2024 20:46:39 GMT
Connection: keep-alive
Content-Length: 120
Content-Type: text/html; charset=utf-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 1E3C 0
142 B 121ms
120ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=8691&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EA1A1D681DC04EEFB0438930111B46C5 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvKzSZ1OtXIiGq0OEQQ==

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4C03 230 B
529 B 39ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4C03 231 B
530 B 39ms
39ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C903 11 KB
4 KB 55ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38061
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e69ae092886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.zonafantasi.info/ Frame 4DAE 12 KB
2 KB 1458ms
1457ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame F3D9 11 KB
4 KB 51ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38061
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e69be382886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame F84C 10 KB
2 KB 267ms
263ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:39 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0965 18 KB
5 KB 564ms
563ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame C47F 230 B
529 B 39ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame C47F 231 B
530 B 39ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 7CCC 0
438 B 132ms
128ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 1.47
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMdce7xB4Pge1E9x971UTFdIkgY3NKhHkT9IxDNawi2GMrJu2Av%2FvI40XuYstsfhXiXFHs2npnM4aF9hWXGKcC51OUCSGSoQTLnZtwPPKojv%2BLMG22kJDyl0fJVTLrVAPCZQDVBiJVtY9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e69ec6ddaa9-MIA
expires: Tue, 06 Feb 2024 20:20:56 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 7CCC 33 KB
11 KB 71ms
67ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37187
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: w69eR3DrC6bfYxVTB9_fUnEhJ2459O-FRb3s6NKDrND0-ICRkLczog==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 7CCC 51 B
341 B 120ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=2&_ls=1&_cc=us&_pl=d&_cbid=61w7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c2155e231c89b02fa88d8ce2a2c1a80395c0b3cb089b183a8e6e3d4bb8bec5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 0.173
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiZhDGe1GeiPNGu%2BCBBJh6RPtmdMw5IyifHuEVN%2FCQJLZexvvb6cYrtLEpGRuUwjjHEw9dpBuj%2FJRfU3eDt5MgIUndhBlzbPF41DhExaG2CMnVcP4WjT%2FYlH%2BAv%2BVq9SFjQ00gLyBUKvTlA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e69e8a67449-MIA
expires: Tue, 06 Feb 2024 20:46:38 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B2C4 11 KB
4 KB 52ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38061
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e69fe9d2886-MIA
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5C0B 0
412 B 109ms
102ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 1.42
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1cSPr7sXxgbGm4XmVkAB2tc3Wiy3E03p5xgklIJEizvcTF6JnDslcBVos09pUm1D5NlYNEkQGh3NRXCFMY3ojQTPKy1gl0Uxzk0Z5d4lYSY6UAq9oFaujuTzgbL%2BK2IJ8pd0m0wkQBAZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163e6a0cb5daa9-MIA
expires: Tue, 06 Feb 2024 18:26:10 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5C0B 33 KB
11 KB 71ms
65ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37187
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: dnfWIGIeJ0MNUdeaKkLxo4qsM4X2op8lZ8cJ5uIcHWtRSZXWG0GYng==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5C0B 0
299 B 118ms
112ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=6qwc6mlfpf&_pv=4&_ls=18&_cc=us&_pl=d&_b=chrome%40121&_cbid=1g6d&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 0.102
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFsmtbGFCsUZDhcvA42yENXdY999JEqA0rGGLQw4yeevhx2W3bcorKDM73GAu0%2BccKgRbl0xvNhLAFNbIWYY3jiwYYEEDrRqS6MrTN%2BcyIt58m84DOLHS7fRbO0s9QIUvQ86Vz44CaNI6zo%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e6a09117449-MIA
expires: Tue, 06 Feb 2024 20:46:38 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E189 5 KB
2 KB 71ms
59ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3279
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: rJLy6IBNfv6UoxeZ2xYxADkoyXeve5UlMWFvvLXRQAOajVDrNsSw5g==

GET
DATA 200
OK truncated
/ Frame F3D9 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame F3D9 75 KB
76 KB 81ms
80ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 13
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e6a1d054c02-MIA
cdn-requestpullsuccess: True

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame C903 75 KB
76 KB 96ms
96ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 18
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e6a3d2c4c02-MIA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame B2C4 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame B2C4 75 KB
76 KB 116ms
115ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 21
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e6a5d754c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 4C03 22 KB
12 KB 52ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22822
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e6acfd52886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4C03 6 KB
3 KB 177ms
171ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:145890118&@b3:1707252398&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1134879c1f95fce2f1344a5df261e02543258b462a3ee3baa69a756788f38a27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
x-t: 0.262
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBOc5eWMCeow1hd3CuXlMaVUvEjq2kAmI6hyIfoXZ2coUZlbIhlQXT2nHToDBdfJq%2B3XOb5kI8J2b9Kuq47u5FkbSr3xTNvYbu0WgQ%2FgII9TuVaQlIKUSWxIIkm%2BFLQD7ZTwsj4UAadtvAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e6aca767449-MIA
expires: Tue, 06 Feb 2024 20:46:38 GMT

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 0965 437 B
572 B 226ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CAMBODIA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:24370450&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 179b3d2ef75f467a200f6cd59ecc94275e3459142e33f64e5bfff45414c47b1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:31 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7CA5 766 B
1 KB 586ms
585ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650855
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: DUmewn8GWL4HDErA0yNgGTE_2feT28Rq91upbJcl-sDaTBzUJp2KjA==

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 4FE2 108 KB
13 KB 280ms
275ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 4FE2 227 B
273 B 282ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 4FE2 2 KB
353 B 281ms
276ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 4FE2 28 KB
8 KB 281ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 4FE2 86 KB
29 KB 288ms
283ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 4FE2 13 KB
5 KB 318ms
314ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:39 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 4FE2 157 KB
26 KB 38ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317924
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 4FE2 30 KB
7 KB 127ms
124ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674365
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e6afa987494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 4FE2 21 KB
8 KB 39ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498525
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 4FE2 62 KB
16 KB 38ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:39 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268449
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 4FE2 258 KB
258 KB 339ms
336ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 4FE2 4 MB
4 MB 338ms
335ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 4FE2 53 KB
53 KB 218ms
215ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 4FE2 652 KB
652 KB 264ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 4FE2 397 KB
397 KB 256ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 4FE2 443 KB
443 KB 314ms
302ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 4FE2 829 KB
829 KB 471ms
460ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 4FE2 736 KB
736 KB 445ms
433ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 4FE2 1 MB
1 MB 388ms
377ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 4FE2 2 MB
2 MB 458ms
447ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 4FE2 2 MB
2 MB 1885ms
1875ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 4FE2 733 KB
733 KB 440ms
430ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 4FE2 2 MB
2 MB 488ms
479ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 4FE2 812 KB
812 KB 451ms
443ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 4FE2 659 KB
659 KB 360ms
351ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 4FE2 1 MB
1 MB 416ms
407ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 4FE2 718 KB
718 KB 356ms
348ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 4FE2 309 KB
309 KB 283ms
275ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 4FE2 1 MB
1 MB 433ms
425ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 4FE2 173 KB
173 KB 304ms
297ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 4FE2 65 KB
65 KB 241ms
234ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 4FE2 3 KB
1 KB 344ms
338ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 4FE2 8 KB
2 KB 279ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 4FE2 6 KB
2 KB 279ms
278ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 4FE2 112 KB
34 KB 292ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 4FE2 4 KB
2 KB 352ms
340ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 08FF 19 KB
9 KB 74ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 4093
Redirect Chain

https://um.simpli.fi/lj_match?r=40286
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

61ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:40 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame BC30 766 B
1 KB 343ms
336ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650856
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 38vEil5XH3MEVuUw7GW8bSmP8pc06hSw4yBNRE_xrapcKnedlay5OQ==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 55C6 19 KB
9 KB 81ms
74ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
DATA 200
OK truncated
/ Frame A843 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame FAE5 18 KB
5 KB 283ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 1D72 18 KB
5 KB 283ms
278ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/generator-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H/1.1 200
OK 4773874.php Show response
s4.histats.com/stats/ Frame DC7D 434 B
569 B 213ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:194909441&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: c022524907e72c1c4ba74f41a776756c0ca474f72878d43bb3bb7353e412453e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 3E22 437 B
572 B 214ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-48456612&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame BF94 18 KB
8 KB 55ms
53ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74834
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e6dadd62886-MIA
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame BF94 6 KB
3 KB 116ms
115ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-127186334&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93541d257fe0e4469d24f97c9639d7f303518515435e740e6bdf34c9619a9447

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.297
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTHEyKPWXFd3GbGxOgUQNk9bAbKJLxQNYMvHBGTJmuFAa2kd6Vi27SB%2Bvxwa1eoH357CLkSocQugY2U66oB6KIP5Ttb0tTdERUbKTVt5Xe1FVL6efEGN675F474s4pzc9baZ5hOSdGPQ5kI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e6da8e67449-MIA
expires: Tue, 06 Feb 2024 20:46:39 GMT

GET
H3 200 poltar.php Show response
vip.roomangkasa.top/ Frame C66C 10 KB
2 KB 272ms
263ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:40 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 / Show response
vip.zonaprediction.com/ Frame 2C71 112 KB
25 KB 382ms
375ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ad6ea7b0d66e9bbcefa8a7c6faff864d077cfc535a3539c708bfb7b16fcd085d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:40 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A843 0
323 B 100ms
86ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 1.02
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uu6Q1QczUUG5nVDRGlbdGc9CQfnHbibaP2Kz3zUYCKf%2FHTEFIXmRL9IcGz6a30d9yuPsE239fhq9zlNcTsgWRejA%2BLbfT2Flux5G8oKKgQDw8VsqXa1lh4os0EgAD9uSpSZa4Tx9ZNYBfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163e6dcb53daa9-MIA
expires: Tue, 06 Feb 2024 18:26:10 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A843 33 KB
11 KB 137ms
123ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37188
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: hGLraCBcfHZgy9SaJNQ1cH25cWQsLoJM7QgUCIrYulGRN1FoVYihJg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A843 51 B
340 B 139ms
127ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=3&_ls=2&_cc=us&_pl=d&_cbid=1lnr&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fab091cf3806910f9a7e97c1695f94f500281fed37b8a9d03f6707056c0d466

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.205
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKipz4RqEYOEeGtp0lfGKEA24HXkF7Gm%2Fq7mJFK80WSVPu2GGZybZoQa1qBZFoeiu13VfEDCg58CRkbM7V%2BiM0ZW65DInC9JuW06EB6AQSQl8omfCbyDy2gDOe1APH7hBcVcRfz2bU6qIWc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e6dc9347449-MIA
expires: Tue, 06 Feb 2024 20:46:39 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame FAB9 108 KB
13 KB 582ms
575ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame FAB9 227 B
273 B 565ms
558ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame FAB9 2 KB
353 B 569ms
562ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame FAB9 28 KB
8 KB 569ms
563ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame FAB9 86 KB
29 KB 570ms
564ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame FAB9 13 KB
5 KB 572ms
566ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame FAB9 157 KB
26 KB 43ms
37ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317924
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame FAB9 30 KB
7 KB 51ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674366
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e6dcfb27494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame FAB9 21 KB
8 KB 40ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498525
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame FAB9 62 KB
16 KB 45ms
39ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268450
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame FAB9 258 KB
258 KB 230ms
224ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame FAB9 4 MB
4 MB 283ms
278ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame FAB9 53 KB
53 KB 231ms
230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame FAB9 652 KB
652 KB 265ms
258ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame FAB9 397 KB
397 KB 337ms
335ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame FAB9 443 KB
443 KB 310ms
295ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame FAB9 829 KB
829 KB 288ms
273ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame FAB9 736 KB
736 KB 294ms
279ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame FAB9 1 MB
1 MB 319ms
305ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame FAB9 2 MB
2 MB 376ms
363ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame FAB9 2 MB
2 MB 1680ms
1667ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:43 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame FAB9 733 KB
733 KB 306ms
293ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame FAB9 2 MB
2 MB 314ms
302ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame FAB9 812 KB
812 KB 267ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame FAB9 659 KB
659 KB 287ms
275ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame FAB9 1 MB
1 MB 379ms
367ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame FAB9 718 KB
718 KB 383ms
372ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame FAB9 309 KB
309 KB 359ms
348ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame FAB9 1 MB
1 MB 488ms
477ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame FAB9 173 KB
173 KB 308ms
298ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H2 200 jquery-1.9.1.js Show response
code.jquery.com/ Frame FAB9 262 KB
78 KB 168ms
41ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1828264
x-cache: HIT, HIT
content-length: 79506
x-served-by: cache-lga21952-LGA, cache-mia-kmia1760094-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707252401.400179,VS0,VE0
etag: W/"28feccc0-4185d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 14, 13257

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.9.2/ Frame FAB9 440 KB
108 KB 40ms
37ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.9.2/jquery-ui.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ec07ee5912c0650f1f458bf1977356d9982ef0110cd92b86ccfd5c0d9b52fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 8427096
x-cache: HIT, HIT
content-length: 110165
x-served-by: cache-lga13629-LGA, cache-mia-kmia1760094-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707252401.461680,VS0,VE0
etag: W/"28feccc0-6de73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 53

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.9.2/themes/base/ Frame FAB9 32 KB
6 KB 54ms
33ms Stylesheet
text/css 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.9.2/themes/base/jquery-ui.css
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3596f1e1af0806fe42dd3eeb1af476884d45b7d7c06f5c3ff69227086f5bd73a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5326327
x-cache: HIT, HIT
content-length: 6068
x-served-by: cache-lga21925-LGA, cache-mia-kmia1760094-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707252402.154458,VS0,VE0
etag: W/"28feccc0-806d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2978, 101

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame FAB9 65 KB
65 KB 221ms
211ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame FAB9 3 KB
1 KB 931ms
922ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame FAB9 8 KB
2 KB 291ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame FAB9 6 KB
2 KB 299ms
284ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame FAB9 112 KB
34 KB 300ms
285ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame FAB9 4 KB
2 KB 938ms
923ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3

200

/ Show response
vip.poltar2d.info/buku-mimpi-4d/ Frame F8DB
Redirect Chain

https://vip.poltar2d.info/buku-mimpi-4d
https://vip.poltar2d.info/buku-mimpi-4d/

172 KB
39 KB

331ms
326ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/buku-mimpi-4d/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ef79d1e96c1ee39b0731aa1a5c9c8c723ae64d3e76388c86339ab7dca2ba745a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/buku-mimpi-2d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:41 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/220>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=220>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:40 GMT
location: https://vip.poltar2d.info/buku-mimpi-4d/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3

200

/ Show response
vip.poltar2d.info/paito-warna-china/ Frame 8BD6
Redirect Chain

https://vip.poltar2d.info/paito-warna-china
https://vip.poltar2d.info/paito-warna-china/

273 KB
38 KB

334ms
328ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-china/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d6a296a4707a1b770416f1e9a2965e80ff9a1d03faeb84fe33cc22f7e6398c03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:41 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/103>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=103>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:40 GMT
location: https://vip.poltar2d.info/paito-warna-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame A6AF 50 B
464 B 73ms
66ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:39 GMT
via: 1.1 db8c74a249442b107d8358be4371339e.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36421
x-amzn-requestid: 068669fc-e252-481b-af87-4e504051f515
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbgxF1dCYcEMEQ=
content-length: 50
x-amz-cf-id: 8H73nkmWWmvAr6FJWBucVLdwJunzVhFdFRjtMBtv8zl7tyUKIlfqvg==

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame FAE5 437 B
572 B 224ms
73ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%20CT%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:71838966&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 179b3d2ef75f467a200f6cd59ecc94275e3459142e33f64e5bfff45414c47b1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 0AEB 108 KB
13 KB 389ms
379ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 0AEB 227 B
273 B 389ms
380ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0AEB 2 KB
499 B 389ms
380ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 425
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 0AEB 28 KB
8 KB 389ms
380ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0AEB 86 KB
29 KB 390ms
381ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 0AEB 13 KB
5 KB 390ms
382ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 0AEB 157 KB
26 KB 52ms
45ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317924
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0AEB 30 KB
7 KB 74ms
66ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674366
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e6ef9f67494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 0AEB 21 KB
8 KB 54ms
47ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498525
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 0AEB 62 KB
16 KB 54ms
48ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268450
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 0AEB 258 KB
258 KB 237ms
232ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 0AEB 4 MB
4 MB 234ms
229ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:40 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 0AEB 53 KB
53 KB 334ms
332ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 0AEB 652 KB
652 KB 344ms
344ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 0AEB 397 KB
397 KB 283ms
282ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 0AEB 443 KB
443 KB 448ms
440ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 0AEB 829 KB
829 KB 468ms
460ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 0AEB 736 KB
736 KB 417ms
409ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 0AEB 1 MB
1 MB 497ms
489ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 0AEB 2 MB
2 MB 789ms
781ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 0AEB 2 MB
2 MB 2131ms
2124ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:44 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:44 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 0AEB 733 KB
733 KB 400ms
392ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 0AEB 2 MB
2 MB 825ms
818ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 0AEB 812 KB
812 KB 431ms
424ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 0AEB 659 KB
659 KB 394ms
387ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 0AEB 1 MB
1 MB 358ms
351ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 0AEB 718 KB
718 KB 315ms
309ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 0AEB 309 KB
309 KB 391ms
385ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 0AEB 1 MB
1 MB 587ms
581ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 0AEB 173 KB
173 KB 400ms
394ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 0AEB 95 KB
32 KB 281ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 0AEB 2 KB
828 B 277ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 warna.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 0AEB 13 KB
3 KB 931ms
922ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 0AEB 65 KB
65 KB 299ms
294ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 comment-reply.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame 0AEB 3 KB
1 KB 1189ms
1183ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0AEB 8 KB
2 KB 1164ms
1155ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2473
expires: Tue, 13 Feb 2024 20:38:53 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0AEB 6 KB
2 KB 1164ms
1155ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 wp-polyfill.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 0AEB 112 KB
35 KB 1165ms
1156ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35895
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 frontend.js Show response
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 0AEB 4 KB
2 KB 1190ms
1181ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1641
expires: Tue, 13 Feb 2024 20:40:01 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame F84C 15 KB
3 KB 358ms
358ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame ACF7 2 KB
1 KB 66ms
65ms Document
text/html 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.029784237028645855&stid=ZHsABWXCmpkAAAAICHS3Aw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 06 Feb 2024 20:46:40 GMT
Expires: Tue, 13 Feb 2024 20:46:40 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 163E 18 KB
8 KB 71ms
69ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74834
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e6faadf2886-MIA
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 163E 6 KB
3 KB 115ms
113ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-168085972&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da16d21540d506f4d5f8a1d94e8403058bb48cea5a0222d37594a3b698601ede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.297
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWnC0EbM%2BnH3Z3TyY3s1e%2Bp7VNZknrtXjwhZc5Mhbfca9smktU5zXl1nFq6ErVhVOis3dTBLFV0KTGNbYhcmzjEEWrEtLSHm%2FCkQTKIh5RmfHdwjYvVNZaJ7291oZdhsq%2B7p7d7ozOHLleU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e6facb77449-MIA
expires: Tue, 06 Feb 2024 20:46:39 GMT

GET
H3 200 style3.css
rankcrack.com/css/ Frame 33B5 8 KB
2 KB 824ms
821ms Stylesheet
text/css 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/css/style3.css
Requested by: Host: rankcrack.com
URL: https://rankcrack.com/live-draw-cambodia.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325d5644a2ef758990bc2f099e2354a47762db05a7e5959fec651cdbe1c0f6b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/live-draw-cambodia.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Feb 2023 07:32:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b1e9f-1fbc-5f39e744ae140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA9ejFtH6DhyFP5XaK2aRz3TacHW8KMN%2ByrBWLqYh5xEwkKyLt29IXlihPbku1KmMK4W0aEzvwFvAZ2J%2BtPfovg9quu8g1JP5ro3wFsSXjUKijpebatqGCKGLMg%2FMvjuv5bOt84yJhjKZk4n"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85163e6feb899af1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame 33B5 2 KB
663 B 83ms
79ms Stylesheet
text/css 2607:f8b0:4006:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-cambodia.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 20:25:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Feb 2024 20:46:40 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 33B5 86 KB
30 KB 68ms
66ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-cambodia.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:16:50 GMT

GET
H2

200

merge
ce.lijit.com/ Frame B214
Redirect Chain

https://um.simpli.fi/lj_match?r=27262
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

62ms
59ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:40 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 1E3C
Redirect Chain

https://um.simpli.fi/lj_match?r=87571
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

62ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:40 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:40 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 9733 43 B
177 B 74ms
70ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:40 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 788F 43 B
177 B 73ms
70ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:40 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame 1D72 437 B
572 B 213ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20ANGKA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-58807855&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 179b3d2ef75f467a200f6cd59ecc94275e3459142e33f64e5bfff45414c47b1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2C63 11 KB
5 KB 68ms
67ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38062
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e700bc82886-MIA
content-length: 4547

GET
H2 200 cc_431.js Show response
s10.histats.com/counters/ Frame 2F03 18 KB
7 KB 48ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 25195
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e709ce22886-MIA
content-length: 7547

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 2F03 6 KB
3 KB 117ms
115ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:196656442&@b3:1707252399&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 312a894eb1f98b5b800cc47b3b3c899a9b4e72164a7d06220df09326b9029173

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.255
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnEpOZStxWFcg64T4nUA5QVyCLqqTbN2cq9F3e3T1Jx3mCXUK4sUhAsbf8x12%2FFPX9JnPFlg7LmUZZX11qsTbgJ3HxhMeoZ%2B7XZ7cQZhAMuioUSxJ8M85I8REY9eN1s1UIDA%2B1LGqM2a24E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl1
cf-ray: 85163e709e947449-MIA
expires: Tue, 06 Feb 2024 20:46:39 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.badutprediction.info/wp-includes/js/ Frame B2C4 18 KB
5 KB 260ms
260ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-3d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:40 GMT

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame E203 167 B
452 B 60ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2

200

sync
thrtle.com/ Frame 18E0
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=92218228-39bc-478f-b82a-f4e5b53fbe91
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=c82ea0b7-19bd-45cc-9811-2f6e296f3edd&_t=1707252400
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-kAIQhHBE2oT6lJDy2xGV7LTX55OwmxnlHUCUgA--~A

43 B
542 B

68ms
64ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-kAIQhHBE2oT6lJDy2xGV7LTX55OwmxnlHUCUgA--~A
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:41 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-kAIQhHBE2oT6lJDy2xGV7LTX55OwmxnlHUCUgA--~A
date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
thrtle.com/ Frame BBA8
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=92218228-39bc-478f-b82a-f4e5b53fbe91
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=c82ea0b7-19bd-45cc-9811-2f6e296f3edd&_t=1707252400

43 B
542 B

62ms
59ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=c82ea0b7-19bd-45cc-9811-2f6e296f3edd&_t=1707252400
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:40 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=c82ea0b7-19bd-45cc-9811-2f6e296f3edd&_t=1707252400
Date: Tue, 06 Feb 2024 20:46:40 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6D61 0
420 B 86ms
83ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.87
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj3gLSNqQot%2FY3KGWPAlUvaCBl7Xicdp6wePeUSFM4m%2FusDZXqf8lRW7BxM%2BtxDjL%2FJSCErdrWH0yPx11ARYQi7Q%2FoAbzGegHRNbZYYOiKsbDiU4qgVfrGmI%2Bob1r0SsbiECECU9mrVYMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e70cff3daa9-MIA
expires: Tue, 06 Feb 2024 20:20:57 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6D61 33 KB
11 KB 70ms
68ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37188
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: MWUY3P_YW1O3OX0tgbA2HrN9OWcj07dnFFx7EZkJBA1k9egulMnqLQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6D61 0
286 B 119ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=602u201chl&_pv=4&_ls=19&_cc=us&_pl=d&_b=chrome%40121&_cbid=48ws&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.091
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVXZEBVEV3zndcDV9ViABWNsIJIG6u4YccbHVY3opf16HJ7u2wLedidOIawOn5BC%2FL5Nk%2FK3y5pHdUpa0iQDoLbxdFXYAOCRsW3%2FujjVhJOWqADzYlEBPtnS17kV0TCmlr7jsuE4%2FMboU7Y%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e70ceee7449-MIA
expires: Tue, 06 Feb 2024 20:46:39 GMT

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 686D 436 B
571 B 210ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-71035345&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 58f258eb0ccbc2351e0877fbeefaa4f014060fb4906c8e3b561782ba7c0df663

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3

200

/ Show response
vip.badutprediction.info/rekap-angka-2d/ Frame B45E
Redirect Chain

https://vip.badutprediction.info/rekap-angka-2d
https://vip.badutprediction.info/rekap-angka-2d/

127 KB
23 KB

509ms
508ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/rekap-angka-2d/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-3d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

33fcc02980ff00a944f92e20045e58569443696dc0e35f027a34c6a782b0802d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/rekap-angka-3d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:41 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/148>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=148>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:41 GMT
location: https://vip.badutprediction.info/rekap-angka-2d/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame C66C 15 KB
3 KB 359ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:41 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame EEDB 0
72 B 77ms
73ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.badutprediction.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:40 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 4093 43 B
573 B 63ms
60ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=10050

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:40 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame AF66 85 B
482 B 66ms
65ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647793
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: iMTs0IMoBR0Qi6eFeH1SfmfM4xULOUnpQdx61KdDVhDnbIK1CR6Ouw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 89D5 0
424 B 116ms
90ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 1.01
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doNWaLwU%2BvtOtzjargRmXBi3UQBIeuF%2BiAGVokrN3apZWLMILqWm4OSHtzHTWEMP7gF9EGNh3wsq2e814vov2S39DD16AJiG%2BujRA%2Byw%2FBryINUo364fPgaBbxkU1wAbvzxjHdTvALP6mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e71a986daa9-MIA
expires: Tue, 06 Feb 2024 20:20:57 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 89D5 33 KB
11 KB 93ms
68ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37188
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 6TtgUjlh647biy5M8v1HzT_jboaL5FWHC2FQyZeD7Za2JZzKNY4n6A==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 89D5 51 B
338 B 227ms
205ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3ad1&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6d30055470558ef743971e7a8ec11c147a90f1b85751226e8465759381b82d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
x-t: 0.16
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eigOY40ZpQ%2F4OVgmsAEfB%2BFwAf9UEsRGd8L35GbwVnUhdyztANbBQWCw4MlaeVvum73Xm4h417%2FQxDYzOnWIP2zFqIJArWKQpnWOGiJ827mq1o2S6%2F2KxsOR%2BmTH6ARwXZM08zXkCIlV3f0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e71a8867449-MIA
expires: Tue, 06 Feb 2024 20:46:39 GMT

GET
H3 200 wp-emoji-release.min.js Show response
vip.zonaprediction.com/wp-includes/js/ Frame C903 18 KB
5 KB 350ms
337ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 2C71 108 KB
13 KB 347ms
338ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 2C71 227 B
284 B 358ms
349ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 2C71 2 KB
353 B 358ms
350ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 2C71 28 KB
8 KB 360ms
352ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 jquery.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 2C71 86 KB
29 KB 375ms
367ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 2C71 13 KB
5 KB 436ms
430ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 2C71 157 KB
26 KB 41ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317925
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2C71 30 KB
7 KB 57ms
51ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674366
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e719f077494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 2C71 21 KB
8 KB 43ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498526
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 2C71 62 KB
16 KB 42ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:40 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268450
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 2C71 258 KB
258 KB 412ms
408ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 2C71 4 MB
4 MB 250ms
247ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 2C71 53 KB
53 KB 228ms
226ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 2C71 652 KB
652 KB 396ms
395ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 2C71 397 KB
397 KB 238ms
237ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:41 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 2C71 443 KB
443 KB 199ms
192ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 2C71 829 KB
829 KB 452ms
446ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 2C71 736 KB
736 KB 688ms
681ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 2C71 1 MB
1 MB 265ms
259ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 2C71 2 MB
2 MB 282ms
276ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 2C71 2 MB
2 MB 2288ms
2283ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 2C71 733 KB
733 KB 222ms
217ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 2C71 2 MB
2 MB 269ms
265ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 2C71 812 KB
812 KB 335ms
331ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 2C71 659 KB
659 KB 260ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 2C71 1 MB
1 MB 242ms
238ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 2C71 718 KB
718 KB 211ms
208ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 2C71 309 KB
309 KB 282ms
278ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 2C71 1 MB
1 MB 353ms
349ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 2C71 173 KB
173 KB 355ms
352ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 2C71 989 B
1 KB 221ms
70ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 546a11d0edcc677b2609f791b6621f4fd5f346c78d382517c2f18e72feac3735

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:45 GMT
Connection: close
ETag: 384928612
Content-Length: 989
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 2C71 65 KB
65 KB 220ms
218ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 2C71 8 KB
2 KB 344ms
337ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 2C71 6 KB
2 KB 341ms
340ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 wp-polyfill.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 2C71 112 KB
34 KB 337ms
336ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 frontend.js
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 2C71 4 KB
2 KB 382ms
375ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame CF4E 11 KB
4 KB 55ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38062
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e71cf332886-MIA
content-length: 4547

GET
H/1.1 200
OK 4709802.php Show response
s4.histats.com/stats/ Frame C903 436 B
571 B 205ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-118406599&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 5065b71b1360ab3b292b1e552db38ef46bf94e0511fdedfd9ad6f6a35e86856b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2 Show response
ap.lijit.com/readerinfo/ Frame E189 167 B
449 B 64ms
58ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash: 0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H/1.1 200
OK 4646812.php Show response
s4.histats.com/stats/ Frame F3D9 437 B
572 B 278ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:83030107&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 179b3d2ef75f467a200f6cd59ecc94275e3459142e33f64e5bfff45414c47b1d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:32 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame C47F 0
459 B 104ms
102ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 1.14
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh7D5S3Ek2XmUHzMX9PsRznyRSYylAkjvgP9um%2Fc%2Fau34dXuvoEkzP8Hc0LdWVv4v7SXoky7pcE9QwMMkGsGs2w46NF2nA%2FPt8XJ9hFKA2yAnkNRa2f8KGvkSGruUjhuXhuBy%2BSxkaWVsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85163e71ea05daa9-MIA
expires: Tue, 06 Feb 2024 19:52:33 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C47F 33 KB
11 KB 529ms
528ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37188
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: Zldg1O4kWrMWgPJq2ePzlLcO3grDZlT9_Bb9QHb4d0VZ6q518ERAaA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame C47F 0
334 B 161ms
161ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=4&_ls=2&_cc=us&_pl=d&_b=chrome%40121&_cbid=6uf6&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 0.108
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVemV5pIuA4zTHG1RFa2m6a7aF%2FFL%2FEZtvpHUF9C%2BM3wVnXQzWRAe5kq1Q4WKuQQ6Ib0jmZFISsTpZIkafI15PotMTTdlqLd23BsD%2FgmEHYI5KwfzS9PPFIMk9QzwWWHRCDJ%2BK41svH6MAk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e71e9207449-MIA
expires: Tue, 06 Feb 2024 20:46:40 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6F0E 11 KB
4 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:40 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38062
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e71ff8d2886-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ Frame C47F 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 wp-emoji-release.min.js Show response
vip.poltar2d.info/wp-includes/js/ Frame F3D9 18 KB
5 KB 282ms
281ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H/1.1 200
OK 4790086.php Show response
s4.histats.com/stats/ Frame B2C4 434 B
569 B 1150ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%203D%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-110786540&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: bc5eb5b13a5b85f6abae61997f4adf5ebf027a68fdf35d2c5481326aa888b9ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 08FF 0
289 B 338ms
337ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252398572&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=qNELA2YAeA7RnexiyZo4&urls=&rnd=1707252401005&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=989&bcnLcy=1002

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:41 GMT

GET
DATA 200
OK truncated
/ Frame 4C03 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0965 230 B
529 B 46ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0965 231 B
530 B 46ms
39ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 55C6 0
289 B 72ms
68ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252398579&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2F&qs=na&cc=US&cont=NA&evid=hQELA2YAE_YXd98F72mF&urls=&rnd=1707252401187&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=1084&bcnLcy=1002

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:41 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:41 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 0620 0
72 B 78ms
71ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:41 GMT
content-length: 0
vary: Origin

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame AF66 766 B
1 KB 255ms
251ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650857
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: ACqFi-W9Ja1a7GzEonpTtxb7kes6-vPMvtv5AopGyQJDQilnhoV9Ww==

GET
DATA 200
OK truncated
/ Frame 4FE2 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 0965 16 KB
6 KB 49ms
48ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30521
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e73ebad2886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 0965 6 KB
3 KB 121ms
121ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CAMBODIA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:24370450&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9377967183cf2d1c20cd8fdefdd0badb24c3c49b1bd64643894bc63a1ef8e01d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 0.254
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6bALh4urR6WYUfB9jlzEyosI5fjE1tEMcJO%2Fryx1oRHAFvbGZ6IGsvFzuVqpyIE5wngXTpKjURxirXEJP0mOf5exwuObeIISeLqFAxURvnfxF3c7pQAUh68VCdkWEPRog8dnUgvHrLYwO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e73ed667449-MIA
expires: Tue, 06 Feb 2024 20:46:40 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 7CCC 50 B
464 B 63ms
62ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:39 GMT
via: 1.1 db8c74a249442b107d8358be4371339e.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36422
x-amzn-requestid: 068669fc-e252-481b-af87-4e504051f515
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbgxF1dCYcEMEQ=
content-length: 50
x-amz-cf-id: FU1I4MjSSVzVGJDlArZcLkwTkR4IwF0YXlGI_Pk4wO2KmW13aJUY1g==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5C0B 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3281
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 0JvuJAYDvqGMzpFXKJ4BK9WzbTjwTD4Eoen-50LicvQThGRo0Tvg3Q==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4C03 0
284 B 202ms
192ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 1.04
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFpWusI7xyAWJ2OcM9NNUZDaerJkx%2BJg9aSg6sCEh8d8iuse%2FvtxYyDO0CnkSbM7pLl26MfuS2XvvkXvysCaPnqs2S4kQ03LXLGTXGLLjNB4LeFmwipteFKzYJyIy1KZmAr8LL9gaop3Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e740e23daa9-MIA
expires: Tue, 06 Feb 2024 20:20:57 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4C03 33 KB
11 KB 265ms
256ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37189
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: gLT8DPZlY3CWQ3J_X1pNMUID17B_h21-8mEDmY_KKB9AxMXOUQ1WwA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4C03 0
381 B 151ms
145ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=3ea10jbm6h&_pv=5&_ls=22&_cc=us&_pl=d&_b=chrome%40121&_cbid=66aj&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 0.098
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X5MR%2F4TP%2FjFnEuDucJbwF96K81ab7VCOqaH%2BRdz15dzQL7VriKr0bvEJXOIFvoGq0fkwa%2BSp9e18NTguD9gpvPr%2FJcHWZ%2FZHiSvOHV8OSfr0KB%2Bz3vCRGaHATi6QUH3OU70KHoQ6LHBwwc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e740dac7449-MIA
expires: Tue, 06 Feb 2024 20:46:40 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame DC7D 22 KB
12 KB 55ms
50ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22824
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e741bea2886-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame DC7D 6 KB
3 KB 123ms
120ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:194909441&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f09aa088b2fc4ad414da9bd46e54799a5573a2fa8d56aec7b9020ddee7f315

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 0.553
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p48nrIYy1grLjdD5X%2FjVhcP9BbPgRCQ41NRCKv9eqReR1I9Rc8XUkZM%2B99qfg7a1TOj5g7Aw4t1w4jgQ2J5sMGdxVYn0Bnx9kcO92s%2BsIMIkC%2FQDSvJk9swaqtAGSZj7Cbno8Ou%2BH9boopg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e741daf7449-MIA
expires: Tue, 06 Feb 2024 20:46:40 GMT

GET
H2 200 cc_3018.js Show response
s10.histats.com/counters/ Frame 3E22 18 KB
8 KB 53ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74835
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e741beb2886-MIA
content-length: 7830

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 3E22 6 KB
3 KB 148ms
145ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-48456612&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b60d9ca232b57c7523d30b76a63741a7f09a2de11afcc179e935a06850a1b1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
x-t: 0.231
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvvvbD6ANKWz771kHuy%2B2%2FUmWqBv9H9NPk%2Fj0Kmw8oVJ7dzbUqCGk4tSQOqfhpY9XW0oabQNPV2LMuJzcMyrBFGJwt3B7ND1ogmmJ%2F5xZwsjEIBxrrVxWryrA5h3mZCbkC5aRyib3Emk3dA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e741db17449-MIA
expires: Tue, 06 Feb 2024 20:46:40 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame FAE5 230 B
529 B 36ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame FAE5 231 B
530 B 36ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 1D72 230 B
529 B 39ms
37ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 1D72 231 B
530 B 39ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A6AF 5 KB
2 KB 68ms
65ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3281
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Nk_2xkMI66RNKjVBHAoD31dgtdLcHsFkllbqBjl9ezktmrwT3ip2SQ==

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame B214 43 B
573 B 85ms
67ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=47726

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:41 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 4542 85 B
481 B 70ms
57ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647794
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: 4fAzvA2cIjGoPA-WRPaKx1oMWER5voOZ608He-H4dCoGnipklo7Anw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 1E3C 43 B
573 B 70ms
63ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=48411

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:41 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 54DB 85 B
480 B 72ms
60ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647794
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: 2s9S_r1KXs74lHFE1U60ybYNkR4aeMu9-wc3UvcyhdesS1ts58FNEQ==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 82A3 0
0 77ms
72ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=50040
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:41 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: 1RHfG8RKJPeI6tdgk3RxtdYBHPWvv87mbwWAkAFTLkRquf9CEGlMgA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1DF0 0
0 76ms
73ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=21175
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:41 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: t0sDDvIt0fWIyW1qq7sjQ3_kxfjAEVLMXxJmblwSXFO6dGOlwEsRIg==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 / Show response
tabelpakde.com/live-draw-hk/ Frame E9FC 28 KB
6 KB 182ms
59ms Document
text/html 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/live-draw-hk/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eafe1dbd1ba3b927dd250192b64a50dfebeff5385b23c4336b0a81815df2851

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 471
alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 85163e7819cc875b-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:41 GMT
last-modified: Tue, 06 Feb 2024 20:38:50 GMT
link: <https://tabelpakde.com/wp-json/>; rel="https://api.w.org/" <https://tabelpakde.com/wp-json/wp/v2/pages/1433>; rel="alternate"; type="application/json" <https://tabelpakde.com/?p=1433>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXJRmj99DDNIAw9gfTj3G6hsQF3Fvr97KxTN%2BfVm%2BFXLpQb%2BiJd%2F0cowaQK4%2F2hDMvCgZqWNzeL9V1wJThzxTWSU4aC0xUbNhvZN6rioOG3ql9dzcHP4k6pGkyfKPa9m5MkADDESKn683%2BBRBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4FE2 11 KB
5 KB 52ms
39ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38063
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e776bb42886-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
vip.velbettgroup.com/ Frame 4A5B 10 KB
2 KB 265ms
263ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:41 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame F8DB 108 KB
13 KB 286ms
280ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame F8DB 227 B
273 B 286ms
281ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame F8DB 2 KB
353 B 286ms
281ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame F8DB 28 KB
8 KB 286ms
282ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame F8DB 86 KB
29 KB 298ms
293ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame F8DB 13 KB
5 KB 321ms
317ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame F8DB 157 KB
26 KB 46ms
42ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317926
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F8DB 30 KB
7 KB 53ms
49ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674367
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e779bad7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame F8DB 21 KB
8 KB 47ms
43ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498527
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame F8DB 62 KB
16 KB 47ms
43ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268451
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame F8DB 258 KB
258 KB 334ms
331ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame F8DB 4 MB
4 MB 335ms
332ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame F8DB 53 KB
53 KB 760ms
759ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame F8DB 652 KB
652 KB 265ms
264ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame F8DB 397 KB
397 KB 274ms
273ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:43 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame F8DB 443 KB
443 KB 343ms
336ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame F8DB 829 KB
829 KB 222ms
215ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame F8DB 736 KB
736 KB 270ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame F8DB 1 MB
1 MB 243ms
236ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame F8DB 2 MB
2 MB 268ms
262ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame F8DB 2 MB
2 MB 1728ms
1723ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:48 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame F8DB 733 KB
733 KB 226ms
221ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame F8DB 2 MB
2 MB 228ms
224ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame F8DB 812 KB
812 KB 322ms
318ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame F8DB 659 KB
659 KB 300ms
297ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame F8DB 1 MB
1 MB 230ms
227ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame F8DB 718 KB
718 KB 220ms
217ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame F8DB 309 KB
309 KB 289ms
287ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame F8DB 1 MB
1 MB 302ms
299ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame F8DB 173 KB
173 KB 207ms
205ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame F8DB 65 KB
65 KB 200ms
198ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame F8DB 3 KB
1 KB 299ms
298ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F8DB 8 KB
2 KB 317ms
316ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:43 GMT

GET
H3 200 regenerator-runtime.min.js Show response
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F8DB 6 KB
2 KB 278ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:43 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F8DB 112 KB
34 KB 277ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame F8DB 4 KB
2 KB 304ms
297ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 8BD6 108 KB
13 KB 314ms
308ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 8BD6 227 B
273 B 321ms
316ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 8BD6 2 KB
499 B 322ms
318ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 425
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 8BD6 28 KB
8 KB 322ms
318ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 8BD6 86 KB
29 KB 331ms
328ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.poltar2d.info/wp-includes/js/jquery/ Frame 8BD6 13 KB
5 KB 353ms
349ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 8BD6 157 KB
26 KB 40ms
36ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317926
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 8BD6 30 KB
7 KB 120ms
117ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674367
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e77abcb7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 8BD6 21 KB
8 KB 41ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498527
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 8BD6 62 KB
16 KB 41ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268451
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 8BD6 258 KB
258 KB 321ms
318ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 8BD6 4 MB
4 MB 426ms
423ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 8BD6 53 KB
53 KB 593ms
591ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 8BD6 652 KB
652 KB 214ms
213ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:42 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 8BD6 397 KB
397 KB 319ms
318ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:43 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 8BD6 443 KB
443 KB 235ms
230ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 8BD6 829 KB
829 KB 225ms
220ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 8BD6 736 KB
736 KB 295ms
290ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 8BD6 1 MB
1 MB 258ms
253ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 8BD6 2 MB
2 MB 325ms
320ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 8BD6 2 MB
2 MB 1879ms
1875ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:48 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 8BD6 733 KB
733 KB 277ms
272ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 8BD6 2 MB
2 MB 246ms
242ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 8BD6 812 KB
812 KB 327ms
324ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 8BD6 659 KB
659 KB 287ms
283ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 8BD6 1 MB
1 MB 283ms
279ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 8BD6 718 KB
718 KB 314ms
311ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 8BD6 309 KB
309 KB 212ms
209ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 8BD6 1 MB
1 MB 246ms
243ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 8BD6 173 KB
173 KB 327ms
324ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 jquery.min.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 8BD6 95 KB
32 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 20:46:43 GMT

GET
H3 200 table.js Show response
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 8BD6 2 KB
780 B 283ms
281ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 20:46:43 GMT

GET
H3 200 warna.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 8BD6 13 KB
3 KB 285ms
285ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 8BD6 65 KB
65 KB 191ms
188ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:47 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 8BD6 3 KB
1 KB 318ms
315ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 8BD6 8 KB
2 KB 281ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 8BD6 6 KB
2 KB 285ms
279ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 8BD6 112 KB
35 KB 286ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35895
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 8BD6 4 KB
2 KB 316ms
310ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1641
expires: Tue, 13 Feb 2024 20:40:01 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 4FE2 75 KB
76 KB 54ms
50ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 15
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e77bad44c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame FAE5 16 KB
6 KB 46ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30521
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e781d442886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame FAE5 6 KB
3 KB 118ms
115ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%20CT%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:71838966&@b3:1707252400&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be24d70b929fc6c61632626fa9c204dd981407a6932bf93e83ee57b508485ecb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-t: 0.355
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2dJAMjDQSnYVU1f2D5dcqVYK8W9AFvCDVWb9n8ogv9WUDeq5DF9wT69K5fLeGURvvHYwq3VmXmMyKbZCUipH228GSe25INyHPPrtoglVRKLDt4tvDGV%2BM5V%2FpeH6fh%2FhYRuYg728hU2EnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e781e407449-MIA
expires: Tue, 06 Feb 2024 20:46:41 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23383/a/US/ Frame 03A6 19 KB
9 KB 76ms
73ms Script
text/javascript 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23383/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:41 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8543
Expires: Tue, 13 Feb 2024 20:46:41 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 2C63 437 B
572 B 234ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:21201709&@b3:1707252402&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:33 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame BF94 0
452 B 92ms
88ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-t: 1.33
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmvH551wcOeaaZukGaxnJPg02UTCz8uXoA4Z1u83l2aFklGgmBJHi2PbZOROCbRDM6e23VeFZBk5MwOkKHGoPQstBBxaKIWXYUXNV6EHuPKpMIhABz9VH%2BKSX55agMzD6nE63fbX2oetTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 85163e788d97daa9-MIA
expires: Tue, 06 Feb 2024 20:39:56 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame BF94 33 KB
11 KB 124ms
120ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37190
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: m5fcuI8gUq8sQ_wF7ZFocyrtSxCsYva9cG3mFEqOYlmjZyyRUHsYKQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame BF94 51 B
344 B 113ms
109ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=2&_ls=1&_cc=us&_pl=d&_cbid=3906&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9bd32e2df8a0a392412c19dae13c308260669be5cc6e0c0a6c177637dac8658

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-t: 0.135
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALXWqJD1cMSec9fI2xQcVItRFsi%2BwTrRjzcAgmc5xoc13HbpQ25GpuOkEW9vuYUHYEAa%2BvNoPCbyq%2FuCbO3fRYBeVv%2BBrTBZSOqmhGEamnw3yGvdZiC2cSGxA%2BgyUuD9wJ7OMiNQUTMGKJc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e788eea7449-MIA
expires: Tue, 06 Feb 2024 20:46:41 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A843 5 KB
2 KB 65ms
64ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3282
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: O0dmuRT2xVqmuvS8VOEWeVpUxbn9ot-Pa7g313M5l24YjKkLh7Ao1w==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 163E 0
431 B 82ms
80ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-t: 1.54
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yFJfuI4hIbAbG7Ub6LEMOkWr26PFqhr%2BK1zsuMp8okT%2BG73sp16oAJLLO21Bo0ITaBJxkbqbo%2BJ3SrvHSBrucQxCUCJrkKcjl1lYnDqH80KU07BGHjZA4b2dnUa0X97pRQGvtTzLGzrZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 85163e78adb8daa9-MIA
expires: Tue, 06 Feb 2024 20:50:20 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 163E 33 KB
11 KB 174ms
174ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37190
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 7BiSouYnm3iDuJ2rW9VAd_e40dMnuOY-vMpQ7c05X09Lc48qXyUE_Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 163E 51 B
339 B 117ms
116ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=3&_ls=1&_cc=us&_pl=d&_cbid=1jpk&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214619c9db09f96d052cadaa5883efac078f5dc3fe8581e539ad982ef97ffaaa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-t: 0.168
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yems5itrHjJM6PSP2HSl2hbGspG3m9kaBgmdqI%2FATzs%2FaYeYniqJWwIZkHC00UIcxueabMQ2rUA0AUy%2F%2FK39qZriJcHBzozkewf1R%2FtZCbFFxNud7SjD9IDfWILA3Quj%2BmRG8dyE6iNICfc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e78af0d7449-MIA
expires: Tue, 06 Feb 2024 20:46:41 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 7CCC 5 KB
2 KB 71ms
58ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3282
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 9T7wDm7FYASEDFvEQlAx7Rb_wpALkju88fpp5NIx4bLdM6zbge_oGQ==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame BBA8 0
72 B 76ms
66ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:42 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 18E0 0
72 B 68ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:42 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame B45E 108 KB
13 KB 259ms
258ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame B45E 227 B
271 B 262ms
257ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame B45E 2 KB
374 B 263ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame B45E 28 KB
8 KB 264ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 jquery.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame B45E 86 KB
29 KB 271ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 jquery-migrate.min.js Show response
vip.badutprediction.info/wp-includes/js/jquery/ Frame B45E 13 KB
5 KB 287ms
283ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame B45E 157 KB
26 KB 39ms
35ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317926
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B45E 30 KB
7 KB 48ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674368
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e794ed87494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame B45E 21 KB
8 KB 40ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498527
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame B45E 62 KB
16 KB 41ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:42 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268451
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame B45E 3 MB
3 MB 263ms
260ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash: f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:42 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame B45E 82 KB
29 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:10:56 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame B45E 311 B
338 B 476ms
475ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:43 GMT

GET
H/1.1 200
OK 4790086&101.gif
s4is.histats.com/stats/i/ Frame B45E 43 B
182 B 214ms
76ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:47 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js
vip.badutprediction.info/wp-includes/js/ Frame B45E 3 KB
1 KB 274ms
273ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B45E 8 KB
2 KB 259ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:44 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:44 GMT

GET
H3 200 regenerator-runtime.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B45E 6 KB
2 KB 257ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 wp-polyfill.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame B45E 112 KB
34 KB 259ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H3 200 frontend.js
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame B45E 4 KB
2 KB 273ms
272ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame F84C 11 KB
5 KB 50ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38064
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e795f502886-MIA
content-length: 4547

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame 1D72 16 KB
6 KB 49ms
42ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30522
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e797f9e2886-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 1D72 6 KB
3 KB 129ms
123ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20ANGKA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-58807855&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4360e505f4c5a04c8bbb957c60a066c269b4b6356696571615c0a68ba3e9807e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:42 GMT
x-t: 0.243
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqFmnE4UYgsVpYeuRSawVdHp%2BGh9L7oj1jcZTIfw4lGq7As9elHftmsZCpBUZ7GrX1GNtuw3zcAmBkgpteafMjGTdfaxCsUU4aQvdjeA4Q%2FB3m%2BBFcbztj3I9hLpre9fyfPkAssozr6rOkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e7978987449-MIA
expires: Tue, 06 Feb 2024 20:46:41 GMT

GET
DATA 200
OK truncated
/ Frame FAB9 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0AEB 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 4542 766 B
1 KB 64ms
61ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650858
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: SaKtUgtCkUocx_TXTKAwIdCnYW-du1ROK8ohfnV4bUpHeSwYR2l6Ig==

GET
H3

200

/
vip.poltar2d.info/live-hongkong/ Frame 027B
Redirect Chain

https://vip.poltar2d.info/live-hongkong
https://vip.poltar2d.info/live-hongkong/

100 KB
24 KB

316ms
314ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-hongkong/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/live-hongkong/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:43 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/253>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=253>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:42 GMT
location: https://vip.poltar2d.info/live-hongkong/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 54DB 766 B
1 KB 61ms
61ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650858
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: S22N27p1O9aJ3WYbaqbWoXtwFXY14xqggkR4YcZogFBW7pId80dh8A==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 2F03 0
435 B 85ms
82ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-t: 2.01
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma5XlTJ6jMbO50zCKTkovK4Bb3LR33uSVSseOMpq59JU1uD32tNzXpt3Wq4vPj0XOggjQNv5YmP2C72syVxn7n7nvWysLyknAl5HRhGbGbdbDzhloUPlVSlHpC1PPOTady8fLghImLRGkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e7f6881daa9-MIA
expires: Tue, 06 Feb 2024 20:20:59 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2F03 33 KB
11 KB 124ms
121ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37191
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: TC3qQJTNIxKVF6eETceKGhpl87vOhnzpjIezV9FBcKSy3wnZA2WOkw==

GET
H2 200 /
t.dtscout.com/pv/ Frame 2F03 0
349 B 118ms
116ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonafantasi.info&_ss=2nr423akbd&_pv=4&_ls=18&_cc=us&_pl=d&_b=chrome%40121&_cbid=1fvb&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMUM3oXOOoMKojaufHoU1yhHPvlHJQGv%2BCmL0wxCDoM9bxZKmRgaIVta%2BpP4k%2F4k8jOei7XKciK4pLfUXs3w8l4yHmJctOp%2BaMooedEiNCTFl6l5436i0jeLiztw3MPIv87M0kE%2BGMKa7JA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e7f6c527449-MIA
expires: Tue, 06 Feb 2024 20:46:42 GMT

GET
H2 200 style.min.css
tabelpakde.com/wp-includes/css/dist/block-library/ Frame E9FC 95 KB
13 KB 66ms
64ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 16:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1361
etag: W/"17ced-643ecb48-1f8584;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj3XAxtxWJoRtMwLDTcV8hNI77Vhic4TQbbux3m8zeWz9ro5U1kM9HoQDL%2Bwj8AubaqTei3fD3g15goT7%2FNoxwFq1zr5BVnNmeFnkg54XWBgqsGJlrW0vd%2FC5rEsRNS5t49faGsm6KLz6CDv6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163e825bfb875b-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:07:48 GMT

GET
H2 200 classic-themes.min.css
tabelpakde.com/wp-includes/css/ Frame E9FC 291 B
583 B 62ms
61ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-includes/css/classic-themes.min.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 16:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1361
etag: W/"123-643ecb48-1bae39;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rvg3%2Fvq0JmcXz6H%2FMXRW4toelOoMHs3Vh%2BozRXZJiBcatKlXb668AHb6RJMfAsxZs3Bs5FTrCDVZiYjh1o3SnklHFaexOrBolURz0npj5ZmpzJyHNN1d3o2B5fJWfkAfdK%2F5i%2Fb8k1sRm%2Bogyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163e825bfc875b-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:07:48 GMT

GET
H2 200 style.css
tabelpakde.com/wp-content/themes/twentynineteen/ Frame E9FC 151 KB
25 KB 66ms
65ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-content/themes/twentynineteen/style.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 747f8be2f5717d771b7aea7cc4f2b542142b661cc81b2bd6ada501b62611d20e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1361
etag: W/"25b97-62cc2af0-1f8143;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb8KSGeyzfWcf%2F744NYzrIWQeqF1Ztqi2NRTBmtu%2FY7hqVv5p6m2SAKyGdCOKvi0ycocleQLG%2FizdbW3VrNjueD%2BE7ed2rCFvHAfe%2F4xMcdu6rh29ODyZ187KNc1lvICLm9AOLzDPYu125F3ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163e825bfe875b-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:07:48 GMT

GET
H2 200 default.css
tabelpakde.com/wp-content/plugins/tablepress/css/build/ Frame E9FC 6 KB
3 KB 64ms
63ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: debb712196d5cadeea88c64b0c3364265abdee5035a71c65ac9172ccdd8250b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jun 2023 09:57:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1361
etag: W/"17c7-649ea721-1f945c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKzgyi1Wq3kCvvTJQ%2BkXrpfjT1UCr%2FLUlPBUIx3KnhTPQtR%2FE%2FICG0K06AHzdtXPOHHTzQcYipcMbeQib23REoKHS4zD0XesRS%2FEt9pmpRITlrEmyiIRoc3BoDCKsWyJpyg60ekzkJlbNpOMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163e825c00875b-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:07:48 GMT

GET
H2 200 logo-hongkong-pools.jpg
1.bp.blogspot.com/-2Di_UzrZrOo/Xn4xevxDnMI/AAAAAAAAAxc/2SYE2fXvVfIDUwsUUfhHwCgiRrR0Q0F_ACLcBGAsYHQ/s1600/ Frame E9FC 12 KB
12 KB 217ms
67ms Image
image/jpeg 2607:f8b0:4006:80d::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2Di_UzrZrOo/Xn4xevxDnMI/AAAAAAAAAxc/2SYE2fXvVfIDUwsUUfhHwCgiRrR0Q0F_ACLcBGAsYHQ/s1600/logo-hongkong-pools.jpg

Requested by

Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

7570cf10f62a37c9d94f00315c0a4d0b350512c7916eb433f87f14fbd4029274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:30:05 GMT
x-content-type-options: nosniff
age: 998
content-disposition: inline;filename="logo-hongkong-pools.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12426
x-xss-protection: 0
server: fife
etag: "v327"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:30:05 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6D61 5 KB
2 KB 66ms
65ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3283
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: rqfjWN6gPnWzl70FtyTw1fQfI8mAKx_oxq6ZzcgYU5A3hS4AaswP7A==

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 686D 18 KB
7 KB 58ms
57ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 55405
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e826a7c2886-MIA
content-length: 7420

GET
H2 200 /
e.dtscout.com/e/ Frame 686D 6 KB
3 KB 117ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-71035345&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
x-t: 0.302
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V000x5O3%2B2jBBdXwmXG0LpICJ13PZJkJpunqkbwmusRNPA01XsDyjc2IpNFjzTmYtSl%2FW8LXADsObVZXP0ULnX%2FQ8is0tOwoqTfKW4u83dMdnU24I7ZEgSptfyVzaqHzLYzgc9BIH2KaV2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e8269757449-MIA
expires: Tue, 06 Feb 2024 20:46:42 GMT

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame CF4E 437 B
572 B 208ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-41162992&@b3:1707252404&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:35 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php Show response
s4.histats.com/stats/ Frame 6F0E 437 B
572 B 200ms
66ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-159664739&@b3:1707252404&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash: 8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:35 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B2C4 230 B
529 B 42ms
42ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B2C4 231 B
530 B 42ms
41ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 4DAE 15 KB
3 KB 357ms
356ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:43 GMT

GET
H3 200 bbjs.js
bungaprediction.top/ Frame 4A5B 15 KB
3 KB 353ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:43 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C66C 11 KB
5 KB 49ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38065
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e835c502886-MIA
content-length: 4547

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 9733 43 B
573 B 61ms
59ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=36408

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 788F 43 B
573 B 61ms
60ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=63442

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame E203 43 B
177 B 70ms
69ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:44 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 /
onetag-geo.s-onetag.com/ Frame 89D5 50 B
462 B 74ms
74ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:41 GMT
via: 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36423
x-amzn-requestid: ec45575c-838f-4baa-a95d-f2d30f760734
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbhHFSMiYcEqUQ=
content-length: 50
x-amz-cf-id: fSN95XncTzHPTf68sTMFiNxi5AFdHFejwOW7c_Z0fcFi-vTHZWP1hQ==

GET
H2 200 cc_604.js
s10.histats.com/counters/ Frame C903 13 KB
4 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39038
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e862ac62886-MIA
content-length: 4509

GET
H2 200 /
e.dtscout.com/e/ Frame C903 6 KB
3 KB 117ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-118406599&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:44 GMT
x-t: 0.488
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vER4n%2BSfAqLVbqSE7m%2Ful5oZhkM%2BuS6jMG953pfC0aT9lUiKepsstVToYQSfp6NdJ%2BjiDyUkjuJoh8YyCrWyj9b2j%2BzluBKG4by3OQS92cWwsXuxG2wUeR0A6%2Fyy%2FPjea9TTirz7eZe1HAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e8628e87449-MIA
expires: Tue, 06 Feb 2024 20:46:43 GMT

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame F3D9 16 KB
6 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30524
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e862ac92886-MIA
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame F3D9 6 KB
3 KB 137ms
136ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%202D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:83030107&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:44 GMT
x-t: 0.317
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQaqAGb8QS8sEffiTsDrdibNeCQYiKNDu83nzrjFSdhV1rrvWx4%2BXGHhwGDuqGkDTc2ue8ZskH769NQAJ2LqL%2FlStpFBCbzQuPOliCEzvA%2Fu4i6ZO8Mo%2B9o1hGjMQejPS5AUC25nNkq4mKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e8628ea7449-MIA
expires: Tue, 06 Feb 2024 20:46:43 GMT

GET
H3 200 wp-emoji-release.min.js
tabelpakde.com/wp-includes/js/ Frame E9FC 18 KB
5 KB 49ms
48ms Script
application/x-javascript 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 16:54:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6999
etag: W/"4904-643ecb47-1f881b;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA4BYrhL3DU%2Bpip8TMq7ljKeeSEiSq2TdTrEdage%2FAH7VdDamXUCFFDtGZhHXaxa1HmlY3GdKjgB7Mym0oAeRRpK3U7%2BBQJoOQ1QZJdTfNqpBnlIvjbNWKY7w6mY6pQ7yVM8pl4YS8Y3ndR8BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85163e8bd905da3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:55 GMT

GET
H3 200 print.css
tabelpakde.com/wp-content/themes/twentynineteen/ Frame E9FC 4 KB
2 KB 47ms
46ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-content/themes/twentynineteen/print.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3988e225a811f9523107de1c8098a49adf8cf3a302df020382c696168bc5cda5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 156
etag: W/"f6d-62cc2aab-1f8100;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEfwPJNd3Yw4pBWCQ4JoNA7qKUwTDogKDXRR%2BPom%2FyTn0tCuPGVJTwaFPdQeSESJJL4UQ9QGrjYIQRJcrdgqd7jYmjAbtW9LSd7C%2B6TpW%2BcCb7jXqqrTnTFCLQiLYBUmY5oWm4j7yStRpXd8fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163e8bd906da3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:45 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame F3D9 230 B
529 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame F3D9 231 B
530 B 34ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 5C0B 167 B
449 B 60ms
60ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 027B 108 KB
13 KB 280ms
276ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 027B 227 B
273 B 285ms
276ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 027B 2 KB
353 B 286ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 027B 28 KB
8 KB 288ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 027B 86 KB
29 KB 290ms
285ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 027B 13 KB
5 KB 314ms
309ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:45 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 027B 157 KB
26 KB 38ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317929
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 027B 30 KB
7 KB 46ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674371
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e8c2a4d7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 027B 21 KB
8 KB 41ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498530
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 027B 62 KB
16 KB 38ms
35ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268454
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 027B 258 KB
258 KB 343ms
340ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 027B 4 MB
4 MB 296ms
293ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 027B 53 KB
53 KB 246ms
241ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:45 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 027B 652 KB
652 KB 343ms
340ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:46 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 027B 397 KB
397 KB 512ms
511ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:46 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 027B 443 KB
443 KB 276ms
265ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 027B 829 KB
829 KB 291ms
281ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 027B 736 KB
736 KB 268ms
259ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 027B 1 MB
1 MB 272ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 027B 2 MB
2 MB 302ms
294ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 027B 2 MB
0 2775ms
2768ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 027B 733 KB
733 KB 383ms
376ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 027B 2 MB
2 MB 258ms
252ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 027B 812 KB
812 KB 241ms
237ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 027B 659 KB
659 KB 526ms
521ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 027B 1 MB
1 MB 269ms
265ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 027B 718 KB
718 KB 260ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 027B 309 KB
309 KB 373ms
368ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 027B 1 MB
1 MB 323ms
318ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 027B 173 KB
173 KB 273ms
268ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 027B 65 KB
65 KB 204ms
199ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:48 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 027B 3 KB
1 KB 280ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 027B 8 KB
2 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:46 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 027B 6 KB
2 KB 277ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:46 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 027B 112 KB
34 KB 308ms
308ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 027B 4 KB
2 KB 335ms
334ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame A6AF 167 B
447 B 78ms
74ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame C47F 5 KB
2 KB 71ms
71ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3285
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 7IxLH8W6u3sviw3J4rInv4g7GfQ4Mb4ktG0HhQ-wSXJWQxprGP_I2w==

GET
DATA 200
OK truncated
/ Frame 2C71 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 2C71 75 KB
76 KB 50ms
50ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 24
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e8c5ac94c02-MIA
cdn-requestpullsuccess: True

GET
H3

200

/
tabelpakde.com/ Frame E9FC
Redirect Chain

https://tabelpakde.com/wp-content/themes/images/brick-wall.png
https://tabelpakde.com/

100 KB
100 KB

54ms
54ms

Image
text/html

2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabelpakde.com/
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/wp-content/themes/twentynineteen/style.css?ver=6.2.4
Protocol: H3
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/wp-content/themes/twentynineteen/style.css?ver=6.2.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Feb 2024 20:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 153
x-litespeed-cache: hit
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y72NFVYBc79jiEhzlTaYhRbQdVxqm10wHfXxkA%2Fs2T6DcRNzxAl4a%2Fy5%2F%2FM%2BIQK6pzlPO%2BCSsHbVf1zlMuGNTSfNO47gxN%2BK1ZasxuQk8pXsz413Hk4enFUwem7nEqKwyZSeJ%2F1fIjhTf7XPqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=120
cf-ray: 85163e8cba0dda3f-MIA
link: <https://tabelpakde.com/wp-json/>; rel="https://api.w.org/", <https://tabelpakde.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://tabelpakde.com/>; rel=shortlink
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 06 Feb 2024 20:46:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 481_HTTP.404,481_404,481_URL.ccdd258ddbe472c29f3082e0ddc05535,481_
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIFxy4go%2BpDOkJh0o0X8I2krZTpuITSPFCWB5rF8e2kFEnqpgT0VZQiW1qc2qzOdDYeY3Q9x%2BjDwTFEBXHUYOIlntRpfva5MCr%2B3Z2wwWUY6wd%2BkY35TYUNNjsGuih6fbYmNpc%2FdvwBT4yvbJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://tabelpakde.com
cache-control: max-age=120, must-revalidate
cf-ray: 85163e8c69acda3f-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame FAB9 11 KB
5 KB 48ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38067
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e8ca9282886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame C629 10 KB
2 KB 268ms
266ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:45 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
DATA 200
OK truncated
/ Frame 0965 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame FAB9 75 KB
76 KB 46ms
45ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 19
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e8d7cd44c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame E189 43 B
177 B 76ms
70ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:45 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 9733 0
142 B 89ms
87ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=85055&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D9B07E1157EE45E78EC6F5D95F805624 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK0y22aeR3NIMXWlyw==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 788F 0
141 B 125ms
124ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=71825&pu=https://vip.badutprediction.info/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:45 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 184FE90DD6F24577A05FA2BA35AB3453 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:45Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK0y2rGZ/Fr9cbslyQ==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame DAEF 0
0 73ms
73ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=35995
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:46 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: Q63lZIuGFIzR3MFdA27ROHVsuhhX6x7fG4vEqK4OpiNWPLjwz07jTQ==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 js15_as.js
s10.histats.com/ Frame 2C71 11 KB
5 KB 49ms
48ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38068
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e966c812886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.zonafantasi.info/ Frame 8B7B 12 KB
2 KB 290ms
289ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:46 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 /
t.dtscdn.com/widget/ Frame 0965 0
575 B 81ms
79ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-t: 0.98
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F24gyWgKH%2BvmLUm32U4iM10cRQyZoucL7e5LVBQeImROPeAVfyFhSgwNQg9vz03LCCT2d0F4yOK5Bd6O2ZOKx%2BnhOjq1bkw4l8e%2Fh39sjlFMNQQd0yk11WyGmZyV2hiE0Cv8GmJlIYFO2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163e967a1fdaa9-MIA
expires: Tue, 06 Feb 2024 18:26:17 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0965 33 KB
11 KB 122ms
120ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37194
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 0Fnu4dFr6zCSF0WZ4pTMg6l7SId7ld-KGf5h3cZvvbfyy2tfclPFSg==

GET
H2 200 /
t.dtscout.com/pv/ Frame 0965 0
329 B 121ms
120ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=5&_ls=8&_cc=us&_pl=d&_b=chrome%40121&_cbid=atut&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-t: 0.097
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UknmT3zFoVW6Po%2Bql2xC5JgCFv9peAPNip2FpbMXgLya9gjd0k1ONCnG4A2xxaepWzm1wU2xP8stoY3WWkfCV%2FOYkZq6y5qwuBpBZ1ukPBGOUYuZ2aG0P9KD09L3JaWCCPmPB9NBGYInHAU%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e9678d17449-MIA
expires: Tue, 06 Feb 2024 20:46:45 GMT

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame 4FE2 18 KB
5 KB 275ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:46 GMT

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 4C03 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3286
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PsyAeQ9hUwR0RLJDh_qKaEkdqUFEh3WHhKGocVz9xiv5gKzmi8RyqA==

GET
H2 200 /
t.dtscdn.com/widget/ Frame DC7D 0
442 B 87ms
85ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-t: 1.34
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1j%2BroyxvORmIOTmsSt7CUZReiLi1VSBddWPFI8SG6rLnpKzhW%2FV9KZsTbGJOwyC2VW7LEh%2BbD%2FWUMF855%2BaBjx4BPsNL50%2B%2FbJEYXIAphztVuGBlKri4Ww%2Bx1n%2BOhTbdITaxqX3BoGbYsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 85163e96aa71daa9-MIA
expires: Tue, 06 Feb 2024 20:50:08 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame DC7D 33 KB
11 KB 160ms
158ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37194
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: sbl3gzp1Qa4O50i_4mCWEVesNBsFpcG2_C7D4KpQcz0iOyuYBaAPKg==

GET
H2 200 /
t.dtscout.com/pv/ Frame DC7D 0
297 B 115ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=6qwc6mlfpf&_pv=5&_ls=25&_cc=us&_pl=d&_b=chrome%40121&_cbid=59c5&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-t: 0.091
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYf2eQCfYmYBWiQah0fz4leUwtIw9m3wmc8Rsxtz4JzY%2ByVJFRxHHm62l2WFB2gp3u%2FoPKqXd%2Buf%2BCdLFt9q1t%2FXlWd8zBWyDFsLxIK3x0T%2B2DcwInOfPsGYXt%2FS0Ii4Fe%2FVqwbqBOHPXH0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e96a91d7449-MIA
expires: Tue, 06 Feb 2024 20:46:45 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame 3E22 0
434 B 80ms
78ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-t: 0.71
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbaWfOyxqsHQvD5T6el97o1sEkduG1MegnUBOO%2F9KPIwCmnQi68KqzwteThZ8iLTJNBgtTVGBVjeM9j%2FUhOSX7mIjkD9WHBoAZvsfzbVHJmfxW2uj%2FlVNng5kDe2B0npYJh53uMCl%2FVQ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 85163e96aa74daa9-MIA
expires: Tue, 06 Feb 2024 20:21:03 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 3E22 33 KB
11 KB 212ms
210ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37194
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: sUGBmuwsrZBDzg7WdHM6Jpd0g36N0wd5VvgD5gcSz-u03wYONHDfTA==

GET
H2 200 /
t.dtscout.com/pv/ Frame 3E22 0
283 B 113ms
112ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=4&_ls=6&_cc=us&_pl=d&_b=chrome%40121&_cbid=5b0c&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
x-t: 0.109
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZPPP7trZYSTPzyn0pUNDOqO3AeRO57N8luYrZJuZuOAj2uMF1NmKzq%2FGVcArkDCJ8VHXld5SXcufOfZvVNQO9hlqp4tN6La4a4x3akVHiXpL0fROY3Fxru45WqErE7gos2%2BisocJlt1bbw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e96a9277449-MIA
expires: Tue, 06 Feb 2024 20:46:45 GMT

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame 4FE2 437 B
572 B 200ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-197069809&@b3:1707252407&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 03A6 0
289 B 65ms
65ms Image
text/plain 23.48.224.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHsABWXCmpkAAAAICHS3Aw%253D%253D&tt=t.dhj&dhjLcy=1707252400559&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23383&ell=d&cck=__stid&dmn=vip.badutprediction.info&pn=%2Fprediksi-singapore%2F&qs=na&cc=US&cont=NA&evid=PpFLA2YA9svKyuKxw5BN&urls=&rnd=1707252406864&cid=c010&version=1.1280.23383&cc=US&cont=NA&cls=C&repeat=0&htmLcy=4930&bcnLcy=1048

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.78 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-78.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23383&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Feb 2024 20:46:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Tue, 06 Feb 2024 20:46:46 GMT

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame A843 167 B
447 B 59ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:46 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
DATA 200
OK truncated
/ Frame FAE5 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js
s10.histats.com/ Frame 0AEB 11 KB
5 KB 44ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38069
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e9818152886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 3EB8 10 KB
2 KB 261ms
260ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:47 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 7CCC 167 B
447 B 59ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 cc_302.js
s10.histats.com/counters/ Frame B2C4 22 KB
12 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22830
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e9828232886-MIA
content-length: 12201

GET
H2 200 /
e.dtscout.com/e/ Frame B2C4 6 KB
3 KB 119ms
119ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%203D%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-110786540&@b3:1707252401&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-t: 0.257
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLiXiAc%2BU%2ByWI88MJdFPaqyoUZdwQy6OTXGmWvXxVZrzD6cIFVcQ%2B58Rzk8qxGoJWfwkIxEjeXYe4oi1gm04Q4oFOxVXgrOKBJJieJY6cfnUT6hgvuRmDIVSJHFlqxhTKoOAk9Pe9gJ4afc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e982c4f7449-MIA
expires: Tue, 06 Feb 2024 20:46:46 GMT

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame F84C 437 B
572 B 201ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-554360&@b3:1707252407&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:38 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3018.js
s10.histats.com/counters/ Frame 2C63 18 KB
8 KB 53ms
52ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74841
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e9828282886-MIA
content-length: 7830

GET
H2 200 /
e.dtscout.com/e/ Frame 2C63 6 KB
3 KB 135ms
134ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:21201709&@b3:1707252402&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-t: 0.246
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HYMyp%2FjMQvRtjcgpRr2HSxfmmnZemzd867RWxmdSv71XfvhzxB0OM%2FGwJ0WUOP4pcf3LYti8jjUoy9PHDZ08fuQZKGqFBnruhTwKgyhRdr%2B5INgtzYpnMvM8EVEBmhJrdQC4mipCn2FYo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e982c627449-MIA
expires: Tue, 06 Feb 2024 20:46:46 GMT

GET
DATA 200
OK truncated
/ Frame 8BD6 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 0AEB 75 KB
76 KB 42ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 21
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163e98cf504c02-MIA
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ Frame 1D72 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
vip.poltar2d.info/paito-warna-sydney/ Frame 3F89
Redirect Chain

https://vip.poltar2d.info/paito-warna-sydney
https://vip.poltar2d.info/paito-warna-sydney/

276 KB
38 KB

330ms
330ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-sydney/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/rekap-angka-4d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:47 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/99>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=99>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:47 GMT
location: https://vip.poltar2d.info/paito-warna-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js
bungaprediction.top/ Frame C629 15 KB
3 KB 356ms
355ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame FAE5 0
462 B 84ms
81ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-t: 1.07
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is45L2Yw7VTzhYO2obBDxFTMhl5%2FKa%2FE5m%2FlLnjDUhT%2F%2FHr%2FfdfATx7bbNv0OGii55QwI4NySWP5rPEGwUP5ggE%2BUFqv%2FgoYtNgWR5hMyCwcD3RWsuYCGiaaA65iaugMcOHcmqINoxLElg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 85163e9c4bf2daa9-MIA
expires: Tue, 06 Feb 2024 20:47:23 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame FAE5 33 KB
11 KB 118ms
114ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37195
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: hGlfm_3BxmA97rQ394wLlvmYjBTP73HjBsrDSNBToAyOOYiiGjOC8g==

GET
H2 200 /
t.dtscout.com/pv/ Frame FAE5 0
287 B 134ms
132ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=6&_ls=9&_cc=us&_pl=d&_b=chrome%40121&_cbid=aply&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
x-t: 0.096
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNGpsEKOVtoGsSEq7VSccQOcf39y%2FdhubwGNgR0Sxfp%2BMzy7h6FG3%2BEQXaRF8zUGchd8KzhdPaL0mcubzXIzyrtPXY6tfUOlVbfHzVDMhJ13g1YcWJ%2F8vP9qiUjTGMgL4rR%2BJLYJSdvK2Bs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e9c4c877449-MIA
expires: Tue, 06 Feb 2024 20:46:46 GMT

GET
H3 200 ht.webp
vip.badutprediction.info/wp-content/uploads/2024/02/ Frame B45E 135 KB
135 KB 258ms
257ms Image
image/webp 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vip.badutprediction.info/wp-content/uploads/2024/02/ht.webp

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:47 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sun, 04 Feb 2024 00:45:33 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 137792
expires: Tue, 13 Feb 2024 20:46:47 GMT

GET
DATA 200
OK truncated
/ Frame B45E 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 81BE 0
0 78ms
73ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=52962
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:47 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: 4FyWwD7AJ-y4It6zAtC591aEUpefIYBFx4yrlP5owffjcHRbtavulA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame 9733
Redirect Chain

https://um.simpli.fi/lj_match?r=97473
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

61ms
59ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:47 GMT

GET
H2

200

merge
ce.lijit.com/ Frame 788F
Redirect Chain

https://um.simpli.fi/lj_match?r=90475
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

62ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:48 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:47 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:47 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 9733 0
72 B 81ms
79ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:47 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 788F 0
72 B 83ms
81ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:47 GMT
content-length: 0
vary: Origin

GET
H2 200 /
onetag-geo.s-onetag.com/ Frame BF94 50 B
462 B 68ms
68ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:41 GMT
via: 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36426
x-amzn-requestid: ec45575c-838f-4baa-a95d-f2d30f760734
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbhHFSMiYcEqUQ=
content-length: 50
x-amz-cf-id: l4jao4lvLYKhBTbj2eBTLe_d2ozsDU_iJQJOTyYRTP8Aq-3n9oDuJA==

GET
H3

200

/
vip.poltar2d.info/rekap-kumat/ Frame E302
Redirect Chain

https://vip.poltar2d.info/rekap-kumat
https://vip.poltar2d.info/rekap-kumat/

102 KB
24 KB

332ms
331ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/rekap-kumat/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:48 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/191>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=191>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:48 GMT
location: https://vip.poltar2d.info/rekap-kumat/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame E203 43 B
573 B 65ms
63ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=51655

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:48 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 /
onetag-geo.s-onetag.com/ Frame 163E 50 B
454 B 66ms
63ms Fetch
application/json 18.238.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-90.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 10:39:41 GMT
via: 1.1 2741f1723d261cac06de387e29ba4cbc.cloudfront.net (CloudFront), 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, PHL51-P1
age: 36427
x-amzn-requestid: ec45575c-838f-4baa-a95d-f2d30f760734
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: StbhHFSMiYcEqUQ=
content-length: 50
x-amz-cf-id: FIg0bxyC_ywzhJeNsF6itk0ExMdTO28X6PdVguKxDXIfHdFG5WvPbQ==

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 6D61 167 B
451 B 62ms
61ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H3 200 cm.php
rankcrack.com/ Frame 33B5 1 KB
788 B 781ms
778ms XHR
text/html 2606:4700:3036::6815:db7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/cm.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:db7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: text/html, */*; q=0.01
Referer: https://rankcrack.com/live-draw-cambodia.php
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThpFWBkb5L%2BDnpxiHTtzrXdRrDcszjfbNs6TycuM7i%2Bk%2B%2BE7qoiTaaF6AXGLiC5HCLih2%2FxVaZtbccLOyRIKK8WSgVeYxMVD%2B%2FIX64FyrzClbP2y5SWLTPlA7f2qzsmv4cCFnDWIe0X5TxB9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 85163e9e7c719af1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
t.dtscdn.com/widget/ Frame 1D72 0
438 B 93ms
91ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&r=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 1.08
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NICO2HEy6Rd3dzyPKTuMvpBopjt4FOz5sKI%2F4SSNNa0NW%2BHW8Ir45t5IULvlWM2FHSvsQ7MucCgICIpHvyI2TOKMVC03SwqAoizDdeTWsPrlhn5bfHKJdj8RyTDe7K3EGYYOhXnuoUq9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163e9eafcddaa9-MIA
expires: Tue, 06 Feb 2024 18:26:18 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1D72 33 KB
11 KB 114ms
112ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37196
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: hQNe-K10V4QZuG_URXGvEMkcIRlwN9WqRwEfigfK_hgh0iqGVv0GGg==

GET
H2 200 /
t.dtscout.com/pv/ Frame 1D72 0
420 B 121ms
119ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=7&_ls=9&_cc=us&_pl=d&_b=chrome%40121&_cbid=753c&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 0.119
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YxUel9UaQJs%2FmK1N8QKoOuEqvATHTKBc13AkqljHORQJfXURIDZBQZFzWcbVrgp70KBUSSf2GsjvejyYaI%2F%2BbmOPuNi9cx9296kbKCvsObWGfd4NcovydnhpBq2lsF17dTdzZdUfK4LFhs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163e9ea9ab7449-MIA
expires: Tue, 06 Feb 2024 20:46:47 GMT

GET
DATA 200
OK truncated
/ Frame F8DB 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4773874.php
s4.histats.com/stats/ Frame C66C 434 B
569 B 202ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-189961945&@b3:1707252408&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:40 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3018.js
s10.histats.com/counters/ Frame 6F0E 18 KB
8 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74842
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e9fad8f2886-MIA
content-length: 7830

GET
H2 200 /
e.dtscout.com/e/ Frame 6F0E 6 KB
3 KB 113ms
113ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-159664739&@b3:1707252404&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 0.385
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1RVl6YlNm9Azluf%2BpwrU5h8%2FbNHVRlIIy0p27n2B1dHXApb6sZgYvgaYF90FGU2a%2B4LTgCrwewZitKjDYH16QVL5sRS%2B%2FZ5AnZhYejNW%2F17BX2r6xE3Jlf9Go%2BxpkDiUCU9ft0FGCQh8%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e9faba27449-MIA
expires: Tue, 06 Feb 2024 20:46:47 GMT

GET
H2 200 cc_3018.js
s10.histats.com/counters/ Frame CF4E 18 KB
8 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74842
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163e9fad912886-MIA
content-length: 7830

GET
H2 200 /
e.dtscout.com/e/ Frame CF4E 6 KB
3 KB 132ms
131ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-41162992&@b3:1707252404&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 0.261
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0w5DwrjB0rFM4TQMfDUHBw1FvCVgWb%2B3Il9BlS8Rp%2Fn6oJ6lwJWyyjlGewl8YTFhdsltNMT6rRvbhuXBwCdIaJYiQ0xlBFAWjWXL%2FZJoxa4gBmFXWogE9A6YCjHb7e9sIruoCfIW66qBHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163e9faba97449-MIA
expires: Tue, 06 Feb 2024 20:46:47 GMT

GET
H3 200 bbjs.js
bungaprediction.top/ Frame 8B7B 15 KB
3 KB 353ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3

200

/
vip.poltar2d.info/prediksi-japan/ Frame AF9F
Redirect Chain

https://vip.poltar2d.info/prediksi-japan
https://vip.poltar2d.info/prediksi-japan/

103 KB
24 KB

673ms
672ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-japan/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-hongkong/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:48 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/89>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=89>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:48 GMT
location: https://vip.poltar2d.info/prediksi-japan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 bbjs.js
bungaprediction.top/ Frame 3EB8 15 KB
3 KB 353ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H2

200

sync
thrtle.com/ Frame 6746
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=92218228-39bc-478f-b82a-f4e5b53fbe91
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=8BC943F382EAC9BE94D5FD5C31ED830D

43 B
541 B

64ms
63ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=8BC943F382EAC9BE94D5FD5C31ED830D
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/live-japan/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:48 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:48 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location: https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=8BC943F382EAC9BE94D5FD5C31ED830D
cache-control: max-age=0, no-cache, no-store
cf-ray: 85163ea0ee8c5c6b-MIA
content-length: 0

GET
H2

200

sync
thrtle.com/ Frame A1B6
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=92218228-39bc-478f-b82a-f4e5b53fbe91
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=1322DC2CAE5CEC9A8FE68D7FF19D6766

43 B
541 B

61ms
60ms

Image
image/gif

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=1322DC2CAE5CEC9A8FE68D7FF19D6766
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Tue, 06 Feb 2024 20:46:48 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:48 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location: https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=1322DC2CAE5CEC9A8FE68D7FF19D6766
cache-control: max-age=0, no-cache, no-store
cf-ray: 85163ea0ee915c6b-MIA
content-length: 0

GET
H2 200 js15_as.js
s10.histats.com/ Frame 4DAE 11 KB
5 KB 44ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38070
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea06ee82886-MIA
content-length: 4547

GET
H2 200 js15_as.js
s10.histats.com/ Frame 4A5B 11 KB
4 KB 64ms
63ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38070
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea07eff2886-MIA
content-length: 4547

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 2F03 5 KB
2 KB 62ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3288
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: BaFyBqa9lKGuWc6HTaAkfe6zrm6XiwXj4gDN2oIeKF4qiCMthsrQSQ==

GET
H2 200 /
t.dtscdn.com/widget/ Frame 686D 0
415 B 89ms
88ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 1.39
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CuwVsxxc3wdCaKTGcF9f6sUnWSJqIYTUCsBSZ76iRdtHRKDjYtUrUMH73aLz2yS6oOhX1z5xyw7S31XMC9DsMffaCYfeSEkywpy45y%2Bmj3RGCYogGOvRGYUfbCJRpledEFRPNkF3ZB7jGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163ea0ab87daa9-MIA
expires: Tue, 06 Feb 2024 18:26:19 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 686D 33 KB
11 KB 114ms
113ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37196
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: QU_Sjs3lTl-VDes0SS-_xGOZ6bFl1u_jTbqvOLHmqVZR1P6GCFHPMQ==

GET
H2 200 /
t.dtscout.com/pv/ Frame 686D 0
290 B 120ms
119ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=1ge24yh5km&_pv=2&_ls=25&_cc=us&_pl=d&_b=chrome%40121&_cbid=76ic&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flive-cambodia.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nrmf5vtv8dk9GhMUY3Y6luarcGiiCuyOVCDbH6Q5P12flRBKO%2Fv91fGa8v3N4XOkmstsauc3qvx2lrEFBaMcfh%2Fua9BXxK%2Bq4fLbZjrAhaekHGuRaCN1hp2U6T8ofUAwAFfsNhvZCUbu5%2Fg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ea0ad897449-MIA
expires: Tue, 06 Feb 2024 20:46:47 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 3F89 108 KB
13 KB 276ms
274ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 3F89 227 B
273 B 279ms
275ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 3F89 2 KB
353 B 281ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 3F89 28 KB
8 KB 281ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 3F89 86 KB
29 KB 287ms
283ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 3F89 13 KB
5 KB 318ms
314ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 3F89 157 KB
26 KB 38ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317932
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 3F89 30 KB
7 KB 47ms
43ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674374
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ea0bbdf7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 3F89 21 KB
8 KB 37ms
34ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498533
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 3F89 62 KB
16 KB 39ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268458
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 3F89 258 KB
258 KB 231ms
229ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:48 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 3F89 4 MB
4 MB 314ms
311ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:48 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 3F89 53 KB
53 KB 255ms
254ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:48 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 3F89 652 KB
652 KB 220ms
218ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 3F89 397 KB
397 KB 258ms
257ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 3F89 443 KB
443 KB 376ms
365ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 3F89 829 KB
829 KB 323ms
314ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 3F89 736 KB
736 KB 307ms
298ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 3F89 1 MB
1 MB 277ms
268ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 3F89 2 MB
2 MB 556ms
547ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 3F89 1 MB
0 2210ms
2201ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 3F89 733 KB
733 KB 247ms
239ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 3F89 2 MB
2 MB 333ms
325ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 3F89 812 KB
812 KB 358ms
352ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 3F89 659 KB
659 KB 239ms
233ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 3F89 1 MB
1 MB 311ms
305ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 3F89 718 KB
718 KB 304ms
299ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 3F89 309 KB
309 KB 223ms
217ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 3F89 1 MB
1 MB 307ms
302ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 3F89 173 KB
173 KB 299ms
295ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 3F89 95 KB
32 KB 276ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 table.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 3F89 2 KB
780 B 278ms
278ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 warna.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame 3F89 13 KB
3 KB 278ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3215
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 3F89 65 KB
65 KB 241ms
237ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 3F89 3 KB
1 KB 313ms
309ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3F89 8 KB
2 KB 289ms
278ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2473
expires: Tue, 13 Feb 2024 20:38:53 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3F89 6 KB
2 KB 568ms
557ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 3F89 112 KB
34 KB 291ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 3F89 4 KB
2 KB 320ms
310ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame F8DB 11 KB
4 KB 48ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38070
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea0dfdd2886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame D4EC 10 KB
2 KB 261ms
260ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame C47F 167 B
447 B 59ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame 0AEB 18 KB
5 KB 324ms
323ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:48 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame F8DB 75 KB
76 KB 41ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 22
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ea17e4f4c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 89D5 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3288
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PfDauqY5LhapzaH9mf06rZV0Yal6Qnbq1T6Avec432fY5it3Fgypaw==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame BF94 5 KB
2 KB 66ms
65ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3288
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: k6hd3BxIXKBsMa7lLp5bYoLJ2Wr4c_aThaZ8ENv4X6IefrKK2_8tdw==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 163E 5 KB
2 KB 67ms
60ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3288
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: qWot5cIxjAD5_fF9JryI_abyasJTkx0MMtgelLqSkYSL3y7n3QR46g==

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame FAB9 437 B
572 B 204ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-100631622&@b3:1707252409&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:40 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame B45E 311 B
341 B 261ms
255ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame B45E 11 KB
4 KB 179ms
171ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38070
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea35ca82886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.roomangkasa.top/ Frame CC21 10 KB
2 KB 270ms
267ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.roomangkasa.top/poltar.php

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2399
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:48 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 /
vip.zonaprediction.com/ Frame 078D 112 KB
25 KB 415ms
412ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
link: <https://vip.zonaprediction.com/wp-json/>; rel="https://api.w.org/" <https://vip.zonaprediction.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://vip.zonaprediction.com/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 /
t.dtscdn.com/widget/ Frame C903 0
560 B 82ms
79ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 1.17
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiCKVAtJTriQN9w0WIOT8jevtVPU96XxPmHPigNXP4e4v1Uv1lMt8EbTR907eLUc0eaLzyZ9MdYQXnDLtAIGem8KJEmH4R5S92AE1zD9mHnfHGuooYPhFe82zL%2Fl7iUMLf0uK8L%2B%2BqTOzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 85163ea35fd3daa9-MIA
expires: Tue, 06 Feb 2024 20:50:27 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C903 33 KB
11 KB 115ms
113ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37196
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: FCxeDa1mzCHFbaoL7amls_OcWr-Nb9hzGxu6k9ycrByRN74egoHCqA==

GET
H2 200 /
t.dtscout.com/pv/ Frame C903 0
281 B 126ms
124ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=602u201chl&_pv=5&_ls=27&_cc=us&_pl=d&_b=chrome%40121&_cbid=5bk2&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAR6AvbemMpyYVplUjp%2FpaqIucuecr964w3VKm4nKVcpQe4hA2Qo5XWBXlMfegRonYGAv9%2BfX9827vSbeSNvhGZMJjcj8rL8oAXkqxvKPiquBT18rvosIHeWHwrDbAmIRjWpaOCxkteJdnI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ea35c527449-MIA
expires: Tue, 06 Feb 2024 20:46:47 GMT

GET
DATA 200
OK truncated
/ Frame F3D9 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 027B 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame B45E 75 KB
76 KB 57ms
56ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 30
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3d3ece69f75ef205f2fe9930c0d8e427
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ea3a9b94c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 /
t.dtscdn.com/widget/ Frame F3D9 0
438 B 86ms
82ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-t: 1.13
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYeIGcO9Hr%2FB1BAx4qmFW7O0FKAP4R5RwQ3qVXVYUyC1GRCL8bPdJIBX6cPwY0lkl1eCJvfVgJfg6WLO90OkTidpoWpz94Cx%2FNQ2pBkf%2FbtDEve7jy3cEASXF4Wl%2F8FkOYxB%2Bcw%2FkCzWBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163ea3d863daa9-MIA
expires: Tue, 06 Feb 2024 20:44:16 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame F3D9 33 KB
11 KB 107ms
104ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37196
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: kDmdyhptT5dVKmgcq5ZGXtn8H560y4Xc8MGN3SmzMnFQYduXlnLDzg==

GET
H2 200 /
t.dtscout.com/pv/ Frame F3D9 0
305 B 118ms
115ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=8&_ls=10&_cc=us&_pl=d&_b=chrome%40121&_cbid=30zq&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 0.096
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akFw1Gw%2BTVpHRFPwUDAd%2BVVjugZ9Emx7NzHdLy77rlrC6YdA3Er9n9yL8ql%2B7b%2Bjdf2LeebSCAVZ5Ny9JlJ0zGN2g8Hh9yn4a39lvH7e1PXw5iPlyQV4q58ZfzBxnXJaT%2FFP8wHkVk8pFs4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ea3ddcc7449-MIA
expires: Tue, 06 Feb 2024 20:46:47 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame E189 43 B
573 B 65ms
63ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=39999

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:48 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame FAB9 18 KB
5 KB 328ms
327ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-angka-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-angka-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 9733 43 B
573 B 64ms
63ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=76641

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:48 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 131B 85 B
482 B 83ms
81ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647801
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: GBaYOBwpiHrnIJ2_Z6a5N7en6rqcG7JzBuIWLqAvTdHavQ1zqsOwJw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 788F 43 B
573 B 65ms
64ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=97289

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:48 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 5CFD 85 B
481 B 81ms
81ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647801
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: Bql5_biKQBZDbd5v886qaWemdLhtWImYV6zF4y2btdDtI3iofrZftw==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 4C03 167 B
452 B 60ms
58ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H/1.1 200
OK 4709802.php
s4.histats.com/stats/ Frame 2C71 436 B
571 B 202ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-84766503&@b3:1707252409&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:40 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame F8DB 18 KB
5 KB 297ms
295ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/buku-mimpi-4d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3

200

/
vip.poltar2d.info/live-china/ Frame 6361
Redirect Chain

https://vip.poltar2d.info/live-china
https://vip.poltar2d.info/live-china/

100 KB
24 KB

323ms
322ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-china/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/buku-mimpi-4d/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/buku-mimpi-4d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/274>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=274>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
location: https://vip.poltar2d.info/live-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame E302 108 KB
13 KB 279ms
275ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame E302 227 B
273 B 402ms
398ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E302 2 KB
353 B 402ms
399ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame E302 28 KB
8 KB 404ms
400ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame E302 86 KB
29 KB 428ms
425ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame E302 13 KB
5 KB 419ms
416ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame E302 157 KB
26 KB 41ms
38ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317933
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame E302 30 KB
7 KB 52ms
49ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674375
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ea51e6a7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame E302 21 KB
8 KB 43ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498534
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame E302 62 KB
16 KB 43ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268458
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame E302 258 KB
258 KB 266ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame E302 4 MB
4 MB 328ms
326ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame E302 53 KB
53 KB 264ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame E302 652 KB
652 KB 339ms
336ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame E302 397 KB
397 KB 210ms
209ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:49 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame E302 443 KB
443 KB 489ms
483ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame E302 829 KB
829 KB 485ms
480ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame E302 736 KB
736 KB 259ms
253ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame E302 1 MB
1 MB 491ms
486ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame E302 2 MB
0 471ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame E302 371 KB
0 2537ms
2533ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame E302 733 KB
733 KB 275ms
271ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame E302 1 MB
0 475ms
471ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame E302 812 KB
812 KB 498ms
494ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame E302 659 KB
659 KB 262ms
259ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame E302 1 MB
1 MB 526ms
522ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame E302 718 KB
718 KB 270ms
266ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame E302 309 KB
309 KB 270ms
267ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame E302 1 MB
1 MB 484ms
480ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame E302 173 KB
173 KB 250ms
247ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame E302 65 KB
65 KB 486ms
483ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame E302 3 KB
1 KB 356ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E302 8 KB
2 KB 284ms
283ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E302 6 KB
2 KB 280ms
279ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame E302 112 KB
34 KB 278ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame E302 4 KB
2 KB 295ms
289ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/rekap-kumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 bbjs.js
bungaprediction.top/ Frame D4EC 15 KB
3 KB 357ms
356ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E203 0
142 B 98ms
97ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=19504&pu=https://vip.badutprediction.info/prediksi-singapore/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:48 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9F156F27BBF54F9ABC596B54F5E2A195 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK1j7WjMFkkGMP5kNg==

GET
H2 200 js15_as.js
s10.histats.com/ Frame 8BD6 11 KB
5 KB 56ms
55ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38071
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea53ffd2886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 69C6 10 KB
2 KB 261ms
261ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame 8BD6 18 KB
5 KB 385ms
384ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 8BD6 75 KB
76 KB 116ms
116ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 23
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ea54baf4c02-MIA
cdn-requestpullsuccess: True

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4FE2 230 B
529 B 37ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4FE2 231 B
530 B 37ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame 0AEB 437 B
572 B 220ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:1485924&@b3:1707252409&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-hongkong%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:41 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3018.js
s10.histats.com/counters/ Frame F84C 18 KB
8 KB 57ms
55ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74843
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea7de282886-MIA
content-length: 7830

GET
H2 200 /
e.dtscout.com/e/ Frame F84C 7 KB
3 KB 130ms
129ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-554360&@b3:1707252407&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 0.298
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctcRNUAjBulTNih%2BXWt5%2BMvL3hWZmddE2M2NqU2duGQZBrL0IfVtS5zpuiP1DdG0aVIV%2FyR8Y65St4p3LYbzfnwW0O3VTiSvMz09dJS2Gm4kYCsJqNI1Mcl4ISTL0E%2F0SerIAFRxd%2BSRYz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163ea7efae7449-MIA
expires: Tue, 06 Feb 2024 20:46:48 GMT

GET
H3 200 wp-emoji-release.min.js
vip.zonaprediction.com/wp-includes/js/ Frame 2C71 18 KB
5 KB 336ms
336ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H3 200 /
tabelpakde.com/live-draw-hk/ Frame 7BC1 28 KB
6 KB 48ms
47ms Document
text/html 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/live-draw-hk/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1887
alt-svc: h3=":443"; ma=86400
cache-control: max-age=120
cf-cache-status: HIT
cf-ray: 85163ea7e8a6da3f-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
last-modified: Tue, 06 Feb 2024 20:15:22 GMT
link: <https://tabelpakde.com/wp-json/>; rel="https://api.w.org/" <https://tabelpakde.com/wp-json/wp/v2/pages/1433>; rel="alternate"; type="application/json" <https://tabelpakde.com/?p=1433>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ad9JZeP2RkZA4kHtK7FG%2FIcUsBXahwr6EiUkI4jAAbtkVsK2h31SmUi2P8FBfkIQkW3l5QE8f88HPVSr3sEl5DGgq5%2FuGZZE4oPemnBYgF6Ye93aGdsbYuY36eh9adFUSD%2BHvVc757bm1QtobQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 js15_as.js
s10.histats.com/ Frame 027B 11 KB
4 KB 54ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38071
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea7ee422886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame F8FD 10 KB
2 KB 262ms
261ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 js15_as.js
s10.histats.com/ Frame C629 11 KB
4 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38071
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea80e662886-MIA
content-length: 4547

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame 4FE2 16 KB
6 KB 46ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30529
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ea80e672886-MIA
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame 4FE2 6 KB
3 KB 126ms
125ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-197069809&@b3:1707252407&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 0.237
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUHbf3YgKgjlAqtds34Db3kinLkYCdxGQGgzSWCVLgf3R2fa5k6dPMyc95PpUi1WJEkQbqtugeqgAfUNXmHDjW2jJxovLwZvTa6ys4XtRYJaj%2FJiJeSM1dVfRKfqGZV6B%2BQcN%2B1pbuPuacY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163ea80ff07449-MIA
expires: Tue, 06 Feb 2024 20:46:48 GMT

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame DC7D 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3289
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: MR0PZx_xR84i6m8JYKiSqWENTlxJExO3EfMN7zhuDCYRtKqeKome3g==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 0965 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3289
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: g9Dz-_iG6jAWqAnbCOFHMIS905bZoMK0JNe8Weecpbmu5grqy640Sg==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 3E22 5 KB
2 KB 61ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3289
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: UPwJghcZnxtP7T8pdNH5TmOEa2HupJnpEkARx6nqUqhtWc1FSBJ97A==

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 5C0B 43 B
177 B 69ms
69ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:49 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame A6AF 43 B
177 B 82ms
68ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:49 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame B2C4 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 027B 75 KB
76 KB 42ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 23
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ea898494c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 131B 766 B
1 KB 62ms
61ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650865
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: hpq4luVV1eYn7YJBMVTRMMH_Pgcc8TJGCqbrdwXtGRpIWUpigygnvw==

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 5CFD 766 B
1 KB 62ms
62ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650865
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: kHiOR4GsyFhoxJOE2cWYaSlZBarPYB4fILP49l-dAj2a5p8AL67rhg==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 6746 0
72 B 68ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://w1.bungaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:49 GMT
content-length: 0
vary: Origin

GET
H3 200 bbjs.js
bungaprediction.top/ Frame CC21 15 KB
3 KB 353ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:49 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame B2C4 0
441 B 91ms
88ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&r=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 1.98
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdSsbryAacfGXd%2FzZzfbQQILLzTzZ7Tt2eYJ5OlB%2FeIds0Al3MDUZlpYKLI9XxohHFXpf8ZeOf49T1zZ6zPGr7twrXiI41S9KdMFwn1eN5EkkmNfjtErVns8y7x%2BUGn4Ar1LVPjg%2BZT5kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163ea969b8daa9-MIA
expires: Tue, 06 Feb 2024 20:44:17 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B2C4 33 KB
11 KB 114ms
112ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37197
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 7eEwphO5z6hs9wRuiBdMS-7aUJhPIUkhRSufkw5f4mfKbrEvC59Nxg==

GET
H2 200 /
t.dtscout.com/pv/ Frame B2C4 0
288 B 112ms
111ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.badutprediction.info&_ss=3ea10jbm6h&_pv=6&_ls=31&_cc=us&_pl=d&_b=chrome%40121&_cbid=3c69&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 0.098
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqWc0l9sxmmkR946F3XtaNuvA11a38Nj4P6wkmPUSnQSuJHFArJoE0WwEQuYFnqc%2Fy5Qv9Kqtw7R79%2FN12UBROYYknKiWZt%2F2SrwslLJ5t%2BzRWrccoI%2Bz8G1zubSoQz8%2F04JUTlXCKyjxlM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ea96a537449-MIA
expires: Tue, 06 Feb 2024 20:46:48 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame 2C63 0
434 B 100ms
98ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FPfHahXDo%2B%2BROL3Yjvk3SVczFOr1TtS%2BiiX9ANM1ke3jgOMHWMDVSAOu7UzFlMS1VaMktjJy%2BcLgAUSgYVHZtlOaIptbobgSzhlSSxZZ3h56KajigHTQag0ZyhQthKlySzy0v43hqVZLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85163ea969cddaa9-MIA
expires: Tue, 06 Feb 2024 19:52:42 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2C63 33 KB
11 KB 155ms
154ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37197
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: MywSRw_l-qVqOQvx1Hum5c6yoBSC09J-B4EWxILYLkHYBoi84BKqsg==

GET
H2 200 /
t.dtscout.com/pv/ Frame 2C63 0
382 B 118ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=5&_ls=9&_cc=us&_pl=d&_b=chrome%40121&_cbid=1lu2&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-t: 0.102
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUn3bZ0pzBNBQijd0KQ%2BldZTR3e9JR%2FUH%2BM2c2m7%2Bz%2F7OzO4DFETDnOUSftImn1MxqYaA8e2sT%2B%2BAb9yYvVswdBPzARCF1BBwvIuYgUW4cfobQ71%2FKY8D%2FHVStlUDA6FoO27WhA68oI3QP8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ea96a5e7449-MIA
expires: Tue, 06 Feb 2024 20:46:48 GMT

GET
H3

200

/
vip.poltar2d.info/live-sydney/ Frame 1E73
Redirect Chain

https://vip.poltar2d.info/live-sydney
https://vip.poltar2d.info/live-sydney/

101 KB
24 KB

325ms
324ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-sydney/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:50 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/249>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=249>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:49 GMT
location: https://vip.poltar2d.info/live-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame AF9F 108 KB
13 KB 283ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame AF9F 227 B
273 B 288ms
282ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame AF9F 2 KB
353 B 288ms
282ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame AF9F 28 KB
8 KB 289ms
283ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame AF9F 86 KB
29 KB 292ms
286ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame AF9F 13 KB
5 KB 317ms
307ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame AF9F 157 KB
26 KB 50ms
40ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317934
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame AF9F 30 KB
7 KB 54ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674376
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eaa7a1f7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame AF9F 21 KB
8 KB 46ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498535
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame AF9F 62 KB
16 KB 46ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268459
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame AF9F 258 KB
258 KB 243ms
234ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame AF9F 4 MB
4 MB 342ms
334ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame AF9F 53 KB
53 KB 217ms
216ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame AF9F 652 KB
652 KB 260ms
260ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame AF9F 397 KB
397 KB 263ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame AF9F 443 KB
443 KB 321ms
313ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame AF9F 829 KB
829 KB 323ms
316ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame AF9F 736 KB
736 KB 356ms
348ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame AF9F 1 MB
1 MB 482ms
475ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame AF9F 1 MB
0 477ms
470ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame AF9F 966 KB
0 1562ms
1555ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame AF9F 733 KB
733 KB 503ms
497ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame AF9F 1 MB
0 472ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame AF9F 812 KB
812 KB 437ms
432ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame AF9F 659 KB
659 KB 343ms
338ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame AF9F 1 MB
1 MB 494ms
489ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame AF9F 718 KB
718 KB 459ms
455ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame AF9F 309 KB
309 KB 572ms
568ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame AF9F 1 MB
1 MB 389ms
385ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame AF9F 173 KB
173 KB 317ms
314ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame AF9F 65 KB
65 KB 314ms
310ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame AF9F 3 KB
1 KB 328ms
324ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AF9F 8 KB
2 KB 353ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AF9F 6 KB
2 KB 298ms
297ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AF9F 112 KB
35 KB 298ms
290ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35895
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame AF9F 4 KB
2 KB 329ms
321ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1641
expires: Tue, 13 Feb 2024 20:40:01 GMT

GET
H3 200 style.min.css
vip.zonaprediction.com/wp-includes/css/dist/block-library/ Frame 078D 108 KB
13 KB 342ms
336ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:10:22 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 cwp.css
vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 078D 227 B
284 B 343ms
337ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
vary: User-Agent
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 sidebar-login.css
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 078D 2 KB
353 B 347ms
342ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 style.css
vip.zonaprediction.com/wp-content/themes/asteroid/ Frame 078D 28 KB
8 KB 347ms
342ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 jquery.min.js
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 078D 86 KB
29 KB 362ms
357ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 jquery-migrate.min.js
vip.zonaprediction.com/wp-includes/js/jquery/ Frame 078D 13 KB
5 KB 425ms
420ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 078D 157 KB
26 KB 46ms
41ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317934
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 078D 30 KB
7 KB 50ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674376
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eaa7a257494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 078D 21 KB
8 KB 45ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498535
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 078D 62 KB
16 KB 46ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.zonaprediction.com/
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268459
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 078D 258 KB
258 KB 254ms
251ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 078D 4 MB
4 MB 336ms
333ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 078D 53 KB
53 KB 266ms
266ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 078D 652 KB
652 KB 283ms
283ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 078D 397 KB
397 KB 207ms
206ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 078D 443 KB
443 KB 424ms
418ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 078D 829 KB
829 KB 472ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 078D 736 KB
736 KB 711ms
661ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 078D 1 MB
1 MB 520ms
470ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 078D 1 MB
0 424ms
375ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 078D 678 KB
0 1767ms
1717ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 078D 733 KB
733 KB 678ms
629ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 078D 1 MB
0 458ms
409ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 078D 812 KB
812 KB 589ms
541ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 078D 659 KB
659 KB 425ms
376ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 078D 1 MB
1 MB 429ms
381ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 078D 718 KB
718 KB 502ms
454ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 078D 309 KB
309 KB 665ms
618ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 078D 1 MB
0 563ms
515ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 078D 173 KB
173 KB 423ms
375ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H/1.1 200
OK 4709802&101.gif
s4is.histats.com/stats/i/ Frame 078D 1 KB
1 KB 253ms
69ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4709802&101.gif?4709802&101
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:51 GMT
Connection: close
ETag: -103644268
Content-Length: 1034
Content-Type: image/png

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 078D 65 KB
65 KB 540ms
493ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 078D 8 KB
2 KB 382ms
382ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 regenerator-runtime.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 078D 6 KB
2 KB 375ms
372ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill.min.js
vip.zonaprediction.com/wp-includes/js/dist/vendor/ Frame 078D 112 KB
34 KB 341ms
340ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 frontend.js
vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/ Frame 078D 4 KB
2 KB 401ms
395ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonaprediction.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 bbjs.js
bungaprediction.top/ Frame 69C6 15 KB
3 KB 353ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E189 0
227 B 93ms
83ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=4261&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:49 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: B2B1D88B479245D89F2FC06604C896F2 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:50Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK1xly9fMBd0i87HHg==

GET
H2

204

sync
thrtle.com/ Frame 4093
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D16%26_t%3D1707252410%26_rea...
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_ts=16&_t=1707252410&_reach=1

0
467 B

64ms
63ms

Image
text/plain

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_ts=16&_t=1707252410&_reach=1
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:50 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=1ef63964d0079f7f2fddeaf925caff58&vxii_ts=16&_t=1707252410&_reach=1
cache-control: no-cache
x-server: 10.40.53.193
content-length: 0
expires: 0

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame A843 43 B
177 B 74ms
66ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:50 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js
vip.badutprediction.info/wp-includes/js/ Frame B45E 18 KB
5 KB 257ms
256ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame FAE5 5 KB
2 KB 62ms
62ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3290
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: d1Yoyn_lq8a0OCqBv9VMb5HEayMBMOfOPBoBKLlneZ7j1-5GJeRq4w==

GET
H3 200 style.min.css
tabelpakde.com/wp-includes/css/dist/block-library/ Frame 7BC1 95 KB
13 KB 55ms
53ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 16:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167
etag: W/"17ced-643ecb48-1f8584;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jR9jVfto9dIPHD5cP0bol25Hh2U%2Bodxvol6XIxqi4%2FU36rtr9S5fO3M5XJUnGjfB12cfT6oDFgzxfecbM%2FpcEwcANcELEpF5KjCDr0%2BNOM5MapJyNt9NkETgJQkMcLlF28%2BDnqH1yYBJpFk9Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163eac8fcbda3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:55 GMT

GET
H3 200 classic-themes.min.css
tabelpakde.com/wp-includes/css/ Frame 7BC1 291 B
683 B 46ms
44ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-includes/css/classic-themes.min.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 16:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167
etag: W/"123-643ecb48-1bae39;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iemAeD3iAOYN%2FZKKsmzV7XiDcAIPC3J4mXpxAGWQESPvAv0treOVeIz76yvnBwzdQOWyiuCMynzWVtia06kygOq%2BChZZ2v5dQIKT9QqXSc13zQ6xd3e0C%2BzGdTmA4Cn56mczbZFo1b1Z%2FITpQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163eac8fccda3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:55 GMT

GET
H3 200 style.css
tabelpakde.com/wp-content/themes/twentynineteen/ Frame 7BC1 151 KB
25 KB 85ms
83ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-content/themes/twentynineteen/style.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:51:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167
etag: W/"25b97-62cc2af0-1f8143;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2Fyi2EFQgFGM50bErRvyJKfEigLBlETNSuDXxDUk2mJZhcWJbgX7cN4YlWMea%2FLwn%2FLRUfTDD6gvw5ANArTIS1374xZN8b%2BXJLvvoA7%2BGr68xN1dmOZIG5lJJ8uBjOj4yro8WcGp0fjNPyTQDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163eac8fcdda3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:55 GMT

GET
H3 200 default.css
tabelpakde.com/wp-content/plugins/tablepress/css/build/ Frame 7BC1 6 KB
3 KB 53ms
52ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 30 Jun 2023 09:57:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 167
etag: W/"17c7-649ea721-1f945c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94iKNW%2B92Q%2FwzZsZHPcD%2BpWaZCKeIREioZp7L0VXiZ0d4hInpDRLGSGs9bF1NwzpO1%2B1xFR4reE1aC9MsCQvpmNK1TzNjDyPFiFR3K%2FYQEGeyTPKkndRM7BGjKVWu2FFBhQ4VDs9Kix9tU6bSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163eac8fcfda3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:55 GMT

GET
H2 200 logo-hongkong-pools.jpg
1.bp.blogspot.com/-2Di_UzrZrOo/Xn4xevxDnMI/AAAAAAAAAxc/2SYE2fXvVfIDUwsUUfhHwCgiRrR0Q0F_ACLcBGAsYHQ/s1600/ Frame 7BC1 12 KB
12 KB 75ms
73ms Image
image/jpeg 2607:f8b0:4006:80d::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-2Di_UzrZrOo/Xn4xevxDnMI/AAAAAAAAAxc/2SYE2fXvVfIDUwsUUfhHwCgiRrR0Q0F_ACLcBGAsYHQ/s1600/logo-hongkong-pools.jpg

Requested by

Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:30:05 GMT
x-content-type-options: nosniff
age: 1005
content-disposition: inline;filename="logo-hongkong-pools.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12426
x-xss-protection: 0
server: fife
etag: "v327"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Feb 2024 20:30:05 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 6361 108 KB
13 KB 276ms
274ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6361 227 B
273 B 283ms
279ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6361 2 KB
499 B 561ms
557ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 425
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 6361 28 KB
8 KB 562ms
558ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6361 86 KB
29 KB 286ms
282ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 6361 13 KB
5 KB 317ms
314ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6361 157 KB
26 KB 40ms
36ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317934
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6361 30 KB
7 KB 52ms
49ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674376
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eac9ec37494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6361 21 KB
8 KB 43ms
40ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498535
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6361 62 KB
16 KB 45ms
41ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268460
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 6361 258 KB
258 KB 232ms
229ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 6361 4 MB
4 MB 266ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 6361 53 KB
53 KB 285ms
283ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:50 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 6361 652 KB
652 KB 578ms
578ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 6361 397 KB
397 KB 377ms
375ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 6361 443 KB
443 KB 523ms
519ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 6361 829 KB
829 KB 307ms
303ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 6361 736 KB
736 KB 321ms
317ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 6361 1 MB
1 MB 327ms
323ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 6361 1 MB
0 436ms
432ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 6361 223 KB
0 2046ms
2043ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 6361 733 KB
733 KB 313ms
309ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 6361 1 MB
0 310ms
306ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 6361 812 KB
812 KB 576ms
573ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 6361 659 KB
659 KB 341ms
338ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 6361 1 MB
1 MB 575ms
572ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 6361 718 KB
718 KB 445ms
442ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 6361 309 KB
309 KB 401ms
398ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 6361 1 MB
0 390ms
387ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 6361 173 KB
173 KB 294ms
291ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 6361 65 KB
65 KB 240ms
238ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 6361 3 KB
1 KB 302ms
299ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6361 8 KB
2 KB 276ms
274ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2473
expires: Tue, 13 Feb 2024 20:38:53 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6361 6 KB
2 KB 277ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 6361 112 KB
35 KB 284ms
280ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 35895
expires: Tue, 13 Feb 2024 20:39:29 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 6361 4 KB
2 KB 304ms
300ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1641
expires: Tue, 13 Feb 2024 20:40:01 GMT

GET
H2

200

merge
ce.lijit.com/ Frame E203
Redirect Chain

https://um.simpli.fi/lj_match?r=10369
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

61ms
60ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:50 GMT

GET
H3

200

/
vip.poltar2d.info/paito-warna-taiwan/ Frame F79C
Redirect Chain

https://vip.poltar2d.info/paito-warna-taiwan
https://vip.poltar2d.info/paito-warna-taiwan/

274 KB
38 KB

337ms
336ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/paito-warna-taiwan/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/live-hongkong/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:50 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/105>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=105>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:50 GMT
location: https://vip.poltar2d.info/paito-warna-taiwan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3

200

/
vip.badutprediction.info/rekap-angka-2d/ Frame 80C3
Redirect Chain

https://vip.badutprediction.info/rekap-angka-2d
https://vip.badutprediction.info/rekap-angka-2d/

127 KB
23 KB

745ms
743ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/rekap-angka-2d/

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.badutprediction.info/rekap-angka-2d/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:51 GMT
link: <https://vip.badutprediction.info/wp-json/>; rel="https://api.w.org/" <https://vip.badutprediction.info/wp-json/wp/v2/posts/148>; rel="alternate"; type="application/json" <https://vip.badutprediction.info/?p=148>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:50 GMT
location: https://vip.badutprediction.info/rekap-angka-2d/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://vip.badutprediction.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame A1B6 0
72 B 78ms
73ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:50 GMT
content-length: 0
vary: Origin

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 2F03 167 B
449 B 63ms
58ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonafantasi.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 cc_302.js
s10.histats.com/counters/ Frame C66C 22 KB
12 KB 54ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22833
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ead789b2886-MIA
content-length: 12201

GET
H2 200 /
e.dtscout.com/e/ Frame C66C 6 KB
3 KB 122ms
113ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-189961945&@b3:1707252408&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-t: 0.254
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYGCG4Mqf7kq01gBuZJ4HD3IMlbWlsPMB0OPa4hDvL%2F94Ef1hcBBhhcLlExiLhTv3zetHi8uh7G93xD2lyLACWOBZSlB1bl0ZAJkLfR9Rr%2FqP9xVYnV1CKJGNl%2BGQ%2BqWmjwetfzGEhNioPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163ead7a977449-MIA
expires: Tue, 06 Feb 2024 20:46:49 GMT

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 216ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-175033026&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 214ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-187243682&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 220ms
73ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:52017290&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 222ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:124295206&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 219ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:54540834&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 217ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:167048026&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 215ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-170367368&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 223ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:181190731&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 523ms
72ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-66441412&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 735ms
100ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-185249700&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 734ms
100ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-45076216&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 734ms
100ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-7935331&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 528ms
76ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:185460222&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 728ms
66ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-122953449&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 649ms
74ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-149355655&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 4DAE 438 B
573 B 420ms
74ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-5009345&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame 4A5B 437 B
572 B 401ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-81792880&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame F8DB 437 B
572 B 403ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-11702966&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:42 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 js15_as.js
s10.histats.com/ Frame 8B7B 11 KB
5 KB 50ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonafantasi.info
URL: https://vip.zonafantasi.info/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38072
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eadc9ca2886-MIA
content-length: 4547

GET
H2 200 js15_as.js
s10.histats.com/ Frame 3EB8 11 KB
4 KB 58ms
56ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38072
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eadc9cf2886-MIA
content-length: 4547

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 1D72 5 KB
2 KB 401ms
399ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3290
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: sYtoIYwwPYRb513bwjJRjHBaDkqn2eORLz2ztrr-ufNjIF4NTkQCaA==

GET
H3 200 bbjs.js
bungaprediction.top/ Frame F8FD 15 KB
3 KB 357ms
353ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:50 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E203 0
72 B 71ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:50 GMT
content-length: 0
vary: Origin

GET
DATA 200
OK truncated
/ Frame 3F89 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 7CCC 43 B
177 B 78ms
70ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:50 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 /
t.dtscdn.com/widget/ Frame 6F0E 0
461 B 92ms
85ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-t: 1.89
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jfai1llo%2FiwVE9epIPB6in8b5%2F7%2BXDib3fd%2Br1kxL5pYhC2MRQxhG7zk8s9KhY2toumgH0TdajlZnU%2F07Vct1lu%2Bb91S1U2ywpEFUShvlAWLy47dmANxBS%2FbKXgAnXqZpU%2FGFSVfEk4nQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163eaecb73daa9-MIA
expires: Tue, 06 Feb 2024 18:26:21 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6F0E 33 KB
11 KB 165ms
159ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37198
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 292kNWD3Tcgc2jYsIjMlffgeUMfi5FzdUpaYKEfSP3T1CDsW6Qyuhg==

GET
H2 200 /
t.dtscout.com/pv/ Frame 6F0E 0
292 B 124ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=6&_ls=10&_cc=us&_pl=d&_b=chrome%40121&_cbid=3kl4&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-t: 0.104
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crhRMZNNhLNMfiFi3LSajYM5tGrTcnd7AQ6I6%2BdHmsaoow1OQVNyZC7ea4KI%2Fn1N5P9f71f01WRcn%2F3IXHHULgko%2BbkmGtNbNrFYEGlIJGLnLWNaSgOIBSeCiS%2B0iVltRhqu9ywLSWddjgA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163eaedd537449-MIA
expires: Tue, 06 Feb 2024 20:46:49 GMT

GET
H2 200 /
t.dtscdn.com/widget/ Frame CF4E 0
293 B 91ms
87ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-t: 6.1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJyVwvqjNtVzSUze5Al9GeI%2FPWhLcvtvy9J%2BAgd7FTL1GreBdBZR39dljDmj7ZI4K2D00A%2Bs%2BG10GEErB4CDiB%2F%2F860hsnUOE5NLfODAeGW0ENYVOn%2BEBeQAO%2FHb9pPMcLWSg3hdkGgSpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163eaedb82daa9-MIA
expires: Tue, 06 Feb 2024 18:26:21 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame CF4E 33 KB
11 KB 245ms
241ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37198
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 4zdpeQQdWiv9Htq25VOba6bnefm_0nSxsbfNSjM7D8zs5NmdKY2ykA==

GET
H2 200 /
t.dtscout.com/pv/ Frame CF4E 0
286 B 122ms
118ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=7&_ls=10&_cc=us&_pl=d&_b=chrome%40121&_cbid=6nmj&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
x-t: 0.1
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzUfi14Iqec7hKOy4seUMaGrnO40NjCfMm5joVDnyVLUVW%2Ffjuj3QgnZX%2BPYrNwZCOFRPrvhZBlX2wY9FoL5XgOrYrWtLklyyzafBqTaPqXYKrT%2BzY9%2FxHXPhqNdjAkM5ej2VGmUsVi2WDg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163eaedd5b7449-MIA
expires: Tue, 06 Feb 2024 20:46:49 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0AEB 230 B
529 B 35ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 0AEB 231 B
530 B 36ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame B858 0
0 84ms
78ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=23373
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:50 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: 7f8Bam75udodby1fyJT7YZ-iFgqTNVgSVdOgIn_LSQwi03-SUFQ8eg==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame B131 0
0 82ms
79ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38760
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:50 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: 3oCCrFprIpagxcmD1bNDoIfyf94C9khzbBhlcPksay6l0WBDEjskeg==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 89D5 167 B
449 B 92ms
88ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame BF94 167 B
449 B 63ms
60ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 163E 167 B
449 B 61ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 686D 5 KB
2 KB 125ms
123ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3290
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: _VBpVWq2RTVu4KR9YD-gaYQVxJr-zEGeaaWiBltUftJZ_hO-H9buNw==

GET
H3 200 wp-emoji-release.min.js
tabelpakde.com/wp-includes/js/ Frame 7BC1 18 KB
5 KB 48ms
47ms Script
application/x-javascript 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 18 Apr 2023 16:54:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7004
etag: W/"4904-643ecb47-1f881b;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3BtUpHLuz1oM4Hje9oHpPMEOS2ZPIB7TuTLDVPRzZk0hLAxONvfl%2BLwacABIKr%2BkfDd28TLGcxT%2BLUnUEUgv95l91vFU0hsdSCBMAEbCOYOCLAS1FY5IRZ%2FpCtN0hbHypsrEHgYll0hATGhpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 85163eafcc90da3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:55 GMT

GET
H3 200 print.css
tabelpakde.com/wp-content/themes/twentynineteen/ Frame 7BC1 4 KB
2 KB 47ms
45ms Stylesheet
text/css 2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tabelpakde.com/wp-content/themes/twentynineteen/print.css?ver=6.2.4
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/live-draw-hk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/live-draw-hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 161
etag: W/"f6d-62cc2aab-1f8100;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVK3D1crsn8dhgFF0Ba%2BeKid2O%2B6fIG4qgruYqPo%2F%2FO2tZqp%2BOOQ3XjvfJn7d8Pd78SdaQQYoHPNYxVV6awv9h0MAiZnNYcnJQb2ka8K%2BsJ2oUBb%2BnzyY4qOB7XKIgYylFVAxGsYHqvUHN1U8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 85163eafcc95da3f-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 13 Feb 2024 16:08:45 GMT

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 1E73 108 KB
13 KB 282ms
277ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:50 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 1E73 227 B
321 B 286ms
282ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 1E73 2 KB
353 B 286ms
282ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 1E73 28 KB
8 KB 287ms
282ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 1E73 86 KB
29 KB 293ms
289ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 1E73 13 KB
5 KB 448ms
444ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 1E73 157 KB
26 KB 40ms
36ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317935
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 1E73 30 KB
7 KB 48ms
45ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674376
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb00da87494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 1E73 21 KB
8 KB 41ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498536
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 1E73 62 KB
16 KB 41ms
38ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268460
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 1E73 258 KB
258 KB 266ms
263ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 1E73 4 MB
4 MB 281ms
278ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 1E73 53 KB
53 KB 334ms
334ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 1E73 652 KB
652 KB 260ms
258ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 1E73 397 KB
397 KB 237ms
236ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 1E73 443 KB
443 KB 472ms
464ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 1E73 829 KB
829 KB 470ms
463ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 1E73 736 KB
736 KB 480ms
473ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 1E73 873 KB
0 481ms
475ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 1E73 955 KB
0 482ms
476ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 1E73 0
0

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 1E73 733 KB
733 KB 468ms
462ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 1E73 965 KB
0 476ms
470ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 1E73 812 KB
812 KB 472ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 1E73 659 KB
659 KB 479ms
473ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 1E73 955 KB
0 474ms
469ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 1E73 718 KB
718 KB 464ms
459ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 1E73 309 KB
309 KB 472ms
468ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 1E73 799 KB
0 475ms
471ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 1E73 173 KB
173 KB 470ms
466ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 1E73 65 KB
65 KB 461ms
457ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 1E73 3 KB
0 378ms
375ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1228
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 1E73 8 KB
2 KB 277ms
275ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2320
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 1E73 6 KB
2 KB 277ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 1E73 112 KB
0 647ms
639ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 1E73 4 KB
0 361ms
354ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3

200

/
tabelpakde.com/ Frame 7BC1
Redirect Chain

https://tabelpakde.com/wp-content/themes/images/brick-wall.png
https://tabelpakde.com/

64 KB
64 KB

52ms
51ms

Image
text/html

2606:4700:3034::6815:19cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tabelpakde.com/
Requested by: Host: tabelpakde.com
URL: https://tabelpakde.com/wp-content/themes/twentynineteen/style.css?ver=6.2.4
Protocol: H3
Server: 2606:4700:3034::6815:19cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tabelpakde.com/wp-content/themes/twentynineteen/style.css?ver=6.2.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 06 Feb 2024 20:44:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 158
x-litespeed-cache: hit
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4UjqrPl6SpIhOIWLIryrkLr7BlNEpTixAE1gSt1NB7s3f7JvJW4uzoDnaG7oJMPZLwiHKSYyiddiLX6Q%2Ba83Os3loUEs8x2xeMX8vyKqT7PBPtyB30gGEZMAnEwfqwx5%2B8UCT1q2ZnQp79dow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=120
cf-ray: 85163eb08db4da3f-MIA
link: <https://tabelpakde.com/wp-json/>; rel="https://api.w.org/", <https://tabelpakde.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://tabelpakde.com/>; rel=shortlink
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 06 Feb 2024 20:46:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 159
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 481_HTTP.404,481_404,481_URL.ccdd258ddbe472c29f3082e0ddc05535,481_
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZcmzpztgiOlUhh%2Bz%2FDMjRS7t0VVTVom5XDwZXe5lZddfB0T3lIuB50lLN6S2YkAMnyQ2MQg4HMHTzhbCfKBW6oUW41PYzF7Fv6WjgcuVDT3Gb4zOgpv0qTWUUIIiSiPYeabchEpY67Ww8ENeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://tabelpakde.com
cache-control: max-age=120, must-revalidate
cf-ray: 85163eb01d19da3f-MIA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame FAB9 16 KB
6 KB 57ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30530
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb05f232886-MIA
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame FAB9 6 KB
3 KB 175ms
167ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-100631622&@b3:1707252409&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.257
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBPhvd9JQcYypofH2lZy7DHisQJUbCETOCzNlH1dxrGuTxAyrcPuAxo2dUvxqerHsmqOC3Px1WsadteYhg8FcQDrxIf8xRGk%2B9XlfBTTUp8iMTOOzogi1UCSWaNyaPJFoBZC%2B7RhLdIetIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163eb058177449-MIA
expires: Tue, 06 Feb 2024 20:46:49 GMT

GET
H/1.1 200
OK 4790086.php
s4.histats.com/stats/ Frame B45E 434 B
569 B 718ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4790086.php?4790086&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%202D%20%E2%80%93%20BADUT%20PREDICTION&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:131428617&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-2d%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 6D61 43 B
177 B 75ms
69ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:50 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2

200

merge
ce.lijit.com/ Frame E189
Redirect Chain

https://um.simpli.fi/lj_match?r=85771
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

65ms
63ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:50 GMT

GET
H2

204

sync
nlsn.thrtle.com/ Frame B214
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-bb2d-817472fc4f3d

0
468 B

150ms
93ms

Image
text/plain

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-bb2d-817472fc4f3d
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-singapore/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-bb2d-817472fc4f3d
date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame E1C7 0
0 84ms
82ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=58129
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:50 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: WydYmnGDOiNSjOV4TMr6YvyUYU9IDSx-_5l1IYVXQ1dsdn9u_wnKrA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2

204

sync
nlsn.thrtle.com/ Frame 1E3C
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IHj-ASZHA5mXSqTcSkShkITv
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-a7e6-595113d3b79c

0
468 B

149ms
92ms

Image
text/plain

3.224.184.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-a7e6-595113d3b79c
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Server: 3.224.184.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-184-174.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=daa36ef0-c530-11ee-a7e6-595113d3b79c
date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 cc_604.js
s10.histats.com/counters/ Frame 2C71 13 KB
5 KB 47ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39044
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb0afe22886-MIA
content-length: 4509

GET
H2 200 /
e.dtscout.com/e/ Frame 2C71 6 KB
3 KB 194ms
193ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-84766503&@b3:1707252409&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.518
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VX49uNIWW1LxCD5pxx%2BPqcymRVOrAXKxAgokXiPYD96bF%2F6d09ZAh4tBUEMYZbdCUDc0Swqg7KyhP1b1bXoLr8AJkILLDnwknBmY2Rq7W%2F%2FzavRA5BQm4xMZMeSYYps4Y002%2BKXd8CmMRs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163eb0a8b77449-MIA
expires: Tue, 06 Feb 2024 20:46:50 GMT

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame 8BD6 437 B
572 B 658ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20CHINA%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-62160145&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame F8DB 230 B
529 B 38ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame F8DB 231 B
530 B 39ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame E189 0
72 B 68ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:51 GMT
content-length: 0
vary: Origin

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame FAB9 230 B
529 B 44ms
43ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame FAB9 231 B
530 B 44ms
43ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame D4EC 11 KB
5 KB 66ms
65ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb138e72886-MIA
content-length: 4547

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame C903 5 KB
2 KB 68ms
65ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3291
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: HqFrsKNTtYvWKTypSumDVrUTxw0BaxleB-zWZpi6YYbl0rs2M4h8NA==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame F3D9 5 KB
2 KB 67ms
65ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3291
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 7wFFw2SrWfq9QXWTOB2vxk4b7_X2rQQ0dDCRqU7rIEOa_aThIsIC-g==

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame 027B 18 KB
5 KB 337ms
335ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/live-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame E203 43 B
573 B 69ms
68ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=5749

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:51 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame D16A 85 B
482 B 67ms
61ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647804
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: x-iOlFgfLoKN5vmw6I9rHNhOWyACAmmG79nGug3ugyJgB3EJF03E5Q==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 4646812.php
s4.histats.com/stats/ Frame 027B 437 B
572 B 540ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-93406186&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame C629 437 B
572 B 730ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-136928778&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame DC7D 167 B
449 B 63ms
56ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.roomangkasa.top
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 0965 167 B
447 B 69ms
58ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 3E22 167 B
449 B 69ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame 0AEB 16 KB
6 KB 53ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30531
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb1a9c02886-MIA
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame 0AEB 6 KB
3 KB 127ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20HONGKONG%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:1485924&@b3:1707252409&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-hongkong%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.322
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4mA1VJiAve6STiycWnZKC95r7Rcc9XA%2FUjW6r7ib6hmuc3KtCHfoHeLPEXmq7rH%2Buks%2BeX2jFm1P23qr7NC79bSj4kyJXd%2Bbi%2FDD9iaTM4IHZ17SZy59RPaAiu7N8Ercpzm9R6jxgQ1oKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163eb1aab87449-MIA
expires: Tue, 06 Feb 2024 20:46:50 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 8BD6 230 B
529 B 38ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 8BD6 231 B
530 B 39ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame C47F 43 B
177 B 77ms
75ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:51 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame F79C 108 KB
13 KB 280ms
278ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 30 Jan 2024 22:09:05 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame F79C 227 B
273 B 292ms
289ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame F79C 2 KB
499 B 293ms
289ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 425
expires: Tue, 13 Feb 2024 20:39:46 GMT

GET
H3 200 style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame F79C 28 KB
8 KB 294ms
291ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame F79C 86 KB
29 KB 298ms
295ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame F79C 13 KB
5 KB 329ms
326ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:51 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame F79C 157 KB
26 KB 43ms
40ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317935
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame F79C 30 KB
7 KB 49ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674377
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb27b307494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame F79C 21 KB
8 KB 44ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498536
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame F79C 62 KB
16 KB 44ms
42ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.poltar2d.info/
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268461
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame F79C 258 KB
258 KB 314ms
312ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame F79C 4 MB
4 MB 320ms
319ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame F79C 53 KB
53 KB 255ms
253ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:51 GMT

GET
H3 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame F79C 652 KB
652 KB 253ms
250ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame E302 11 KB
4 KB 46ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb27bca2886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame CF7F 10 KB
2 KB 263ms
262ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:51 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 js15_as.js
s10.histats.com/ Frame CC21 11 KB
4 KB 47ms
42ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.roomangkasa.top
URL: https://vip.roomangkasa.top/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb28bde2886-MIA
content-length: 4547

GET
H2 200 /
t.dtscdn.com/widget/ Frame F84C 0
572 B 84ms
81ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&r=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.9
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVac8gIKdDAVTTz6UjbuEdyUDgRx1mvJeFp8f8xEP3u4Aa8ATN%2BRoKv1oCqTDvTCSbzHKwLoCip3jpQYkRW8%2BHwEC6ZtrUtnu8BeX97QjPQcdHR0QrOtZ0MKaVQTkpwAcwZk3oXciv7SJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 85163eb288e8daa9-MIA
expires: Tue, 06 Feb 2024 20:50:30 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame F84C 33 KB
11 KB 107ms
103ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37199
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 3t1NLp1540RZhGCDibyGvf7r4uq5S2E1ArHdiD0wbaCtNMYTGz1PGA==

GET
H2 200 /
t.dtscout.com/pv/ Frame F84C 0
294 B 158ms
155ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.velbettgroup.com&_ss=2mplj54hf2&_pv=8&_ls=10&_cc=us&_pl=d&_b=chrome%40121&_cbid=53xj&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL0dlmjy8plA5WbEBX%2BBmw%2B5j8Djt36rjVEEECBje2EiUHbIXIS%2FEZBSTbcVE%2B0E0kil%2BlL%2BZHUrL4khWaiLZ6z1G5ozr4%2FPk3riYuIRzry7Y4U8D3ifx%2FRdjyV71kIuGivoXBl%2Beu%2F1hM0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163eb28cbe7449-MIA
expires: Tue, 06 Feb 2024 20:46:50 GMT

GET
H2 200 /
dtsedge.com/ping/ Frame F84C 0
445 B 243ms
79ms Script
application/javascript 2606:4700:3033::6815:e31

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=vip.velbettgroup.com
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e31 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.47
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcM9c2%2BiokDRGiAMuzFyk4DLJT6zLOGtv4qWJdx73uxnPpkPe2XvzeycdyS24230z1fBofvJ3BBFmktycXnmTd1jT4aIo12HHIzPEAvVzf3YSeRNtmLbX4NfV5Vo%2B0ExQTYAhIhn4WwEmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 85163eb39c29d9c1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
t.dtscdn.com/widget/ Frame 4FE2 0
448 B 84ms
81ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 1.41
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr62y76hHRVh9zGlu9uY%2BjjJKyjWXQPDCPpQR00I7xGt%2FQaBUS58u3LssA9tMYXRy%2FjGIzEYIxIQjyqsfRvMXRky7jcN1E5fz7GL4xbfLEurEgHcgZ08fWo%2BokcXLltQJca8T7X4%2BPtrkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163eb298f6daa9-MIA
expires: Tue, 06 Feb 2024 20:44:18 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4FE2 33 KB
11 KB 218ms
215ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37199
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: cgovNDoLS5Z1K9skNxhKEUds7myX5LqNGNYJzXMRAhWEUve6o47b7A==

GET
H2 200 /
t.dtscout.com/pv/ Frame 4FE2 0
376 B 208ms
205ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=9&_ls=13&_cc=us&_pl=d&_b=chrome%40121&_cbid=69rc&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.142
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RsHnuEyawFvRtonmrn4Z0KETBWboBlZvhWeRLVzOyRmcAAulbLPLFay%2BjEpzYEfXNODUmumMWtgHqjsyA4p1A2i0EWHxKUO0SnfPWiTD5RS%2B4HfaUywqaSkBb%2B8Q2JZPy2JFvwfT%2F7RQZs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163eb29cd57449-MIA
expires: Tue, 06 Feb 2024 20:46:50 GMT

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame FAE5 167 B
447 B 61ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
DATA 200
OK truncated
/ Frame 4FE2 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AF9F 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E302 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame E302 75 KB
76 KB 48ms
47ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 25
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb2da5b4c02-MIA
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js
s10.histats.com/ Frame 69C6 11 KB
4 KB 104ms
102ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb32cc82886-MIA
content-length: 4547

GET
H2 200 js15_as.js
s10.histats.com/ Frame 078D 11 KB
4 KB 114ms
56ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb38dbc2886-MIA
content-length: 4547

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B45E 230 B
529 B 92ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B45E 231 B
530 B 85ms
68ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame A6D6 0
0 81ms
70ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=17718
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:51 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: zA1WWD8Z3er5Vd42OCQl18LUoeFHTP2vFi-jtmTJZTyqAaIykz4f6w==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame D16A 766 B
1 KB 87ms
63ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650867
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: e0M8AA9remXMDslGl9lK53JTlwzrT6tB3Kth9Xtcrna_3QWxUJdGpw==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 5C0B 43 B
573 B 76ms
64ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=451

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:51 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame A6AF 43 B
573 B 74ms
63ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=40468

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:51 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame B2C4 5 KB
2 KB 75ms
60ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3291
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: ESnND-CkCfMl9Do-vsLcy24EnaGGilKzzjojZXvY5ulf41zQB_iiMw==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 2C63 5 KB
2 KB 76ms
61ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3291
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: cgKgTWH2N9_e6KndeHicD3ZFYCx2QXDre6PAsSqVFMYB8-a_Q6-0aA==

GET
H2 200 js15_as.js
s10.histats.com/ Frame 3F89 11 KB
4 KB 62ms
51ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb39dc52886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 7AF7 10 KB
2 KB 265ms
264ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:51 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 390ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-34133222&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 434ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:70035768&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 587ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:198468838&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 592ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-126784683&@b3:1707252411&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 078D 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 078D 75 KB
76 KB 52ms
50ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.zonaprediction.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 30
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 50d54ee636d5e1b30479948063523c57
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb42c9e4c02-MIA
cdn-requestpullsuccess: True

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 3F89 75 KB
76 KB 84ms
83ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 25
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb43cd64c02-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 303ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:43217622&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 530ms
289ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:71634916&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 281ms
67ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:32988817&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 361ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-36479840&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 232ms
75ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-187596110&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 251ms
71ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-21787989&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
573 B 303ms
74ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-86767567&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
0 935ms
675ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:148786015&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
0 404ms
237ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:152920827&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
0 416ms
70ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-141251487&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
0 463ms
83ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-147470575&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4709486.php
s4.histats.com/stats/ Frame 8B7B 438 B
0 559ms
69ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-32056168&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 438
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame 3EB8 437 B
572 B 328ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:141470704&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:43 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_431.js
s10.histats.com/counters/ Frame 4DAE 18 KB
7 KB 45ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_431.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 25206
etag: "-655800570"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb5eba82886-MIA
content-length: 7547

GET
H2 200 /
e.dtscout.com/e/ Frame 4DAE 6 KB
3 KB 114ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-175033026&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
x-t: 0.264
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OL7cIcCMAbzhhhy4OZzphrL13J%2BqJxmBR%2FqUCGOTnKRKynAr9MnhVqPowuRyY5TfXs4M6fv%2F1WODBR3BuWv1fJQZL09R0gDC6Pdsz%2Bx13ORfXogzkcTVPntpdu194TB9tZpI282Wb4QYo70%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163eb5ebcd7449-MIA
expires: Tue, 06 Feb 2024 20:46:50 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame AF9F 11 KB
4 KB 45ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38073
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb5fbc12886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame A36E 10 KB
2 KB 263ms
262ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:51 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3

200

/
vip.poltar2d.info/live-cambodia/ Frame AD57
Redirect Chain

https://vip.poltar2d.info/live-cambodia
https://vip.poltar2d.info/live-cambodia/

100 KB
0

1035ms
1034ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-cambodia/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/rekap-kumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/rekap-kumat/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/268>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=268>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
location: https://vip.poltar2d.info/live-cambodia/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
DATA 200
OK truncated
/ Frame 6361 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame AF9F 75 KB
76 KB 54ms
53ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 25
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb658dc4c02-MIA
cdn-requestpullsuccess: True

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame A6AF 0
72 B 69ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:51 GMT
content-length: 0
vary: Origin

GET
H3 200 poltar.php
vip.zonafantasi.info/ Frame DC59 12 KB
2 KB 285ms
284ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.zonafantasi.info/poltar.php

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 /
t.dtscdn.com/widget/ Frame C66C 0
453 B 84ms
80ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 1.21
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PluVHvwtTUMwUX%2B%2B7ix8IKEla8fnUlIdzeTqpn9%2F%2B4OnYAJ1%2F3OH7pA0Ml5%2B%2FpLD2tADLY%2BnMtIyqRYm%2BAj4T0yMshhakylju5YiEyg2glQILi%2Ft%2B42ExJ3lj%2Fj%2BRX1UPNvRNCjCmhp3kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 85163eb6d8e3daa9-MIA
expires: Tue, 06 Feb 2024 19:52:44 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C66C 33 KB
11 KB 106ms
103ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37199
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: RtnUaeg3cx-v6scnnYA72c4jixbv3h_DAM6K9yHnYRsA7DGZNV5P5w==

GET
H2 200 /
t.dtscout.com/pv/ Frame C66C 0
331 B 120ms
117ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.roomangkasa.top&_ss=6qwc6mlfpf&_pv=6&_ls=31&_cc=us&_pl=d&_b=chrome%40121&_cbid=3zg7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 0.124
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJd6hkl8rfbDciW%2Fefd5n0jex9AmouH9rZvTmvVTNh58YDu%2BW7y9QKd7%2F4jSeKOMicUcce%2FYYMM1b707Mbvl3qbKYyxUjlYGdO3cswy6dtQKz8ADZJxu22VxMYGr5UjvFJTGFB0DzB6xCaQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163eb6dd737449-MIA
expires: Tue, 06 Feb 2024 20:46:51 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 4093 0
72 B 71ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:51 GMT
content-length: 0
vary: Origin

GET
H2 200 cc_3018.js
s10.histats.com/counters/ Frame 4A5B 18 KB
8 KB 51ms
47ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3018.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 74846
etag: "-729663383"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb6fdf62886-MIA
content-length: 7830

GET
H2 200 /
e.dtscout.com/e/ Frame 4A5B 6 KB
3 KB 153ms
149ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:-81792880&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 0.273
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHUiRWlAr5PeT3bkwi3YjSwVCNc5g0X5vcoxcAexAR%2BfKCuKGyO4yq70wxqwcDVYYWLE%2BSJxLmx1qlz%2Fbx9rOhhPjh1OvrE5QqiwJwmpSGJH5L09FjuN63%2BQN6ItAAyBF00AYrC6fzMCT68%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163eb6fdb27449-MIA
expires: Tue, 06 Feb 2024 20:46:51 GMT

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame F8DB 16 KB
6 KB 52ms
49ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30532
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb6fdfe2886-MIA
content-length: 6216

GET
H2 200 /
e.dtscout.com/e/ Frame F8DB 6 KB
3 KB 115ms
112ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBUKU%20MIMPI%204D%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-2d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-11702966&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fbuku-mimpi-4d%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 0.323
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eREw96WOVYjbtSmzI52OEaY2GsTF%2Bjs89o8Z6xNXqVX0EOq35pSDA%2BhY%2BsaaBMGUYdoydMlHycqB2nhBbLOmygxS2WVmU6jO%2FmKFGmzy%2F54Z9sBPUY9uXNnyOGgyNbxTej4tx92XEPZh1%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163eb6fdb87449-MIA
expires: Tue, 06 Feb 2024 20:46:51 GMT

GET
H2 200 js15_as.js
s10.histats.com/ Frame F8FD 11 KB
5 KB 45ms
43ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38074
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb6fe032886-MIA
content-length: 4547

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 1D72 167 B
447 B 66ms
62ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 686D 167 B
451 B 64ms
61ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://w1.bungaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 4C03 43 B
177 B 397ms
394ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:52 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame F79C 397 KB
397 KB 293ms
292ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:52 GMT

GET
H3 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame F79C 443 KB
443 KB 436ms
432ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame F79C 396 KB
0 332ms
328ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame F79C 498 KB
0 365ms
361ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame F79C 436 KB
0 433ms
430ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame F79C 393 KB
0 432ms
429ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame F79C 460 KB
0 326ms
323ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame F79C 415 KB
0 464ms
461ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame F79C 397 KB
0 438ms
435ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame F79C 430 KB
0 389ms
386ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame F79C 439 KB
0 361ms
358ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame F79C 389 KB
0 520ms
518ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame F79C 309 KB
309 KB 316ms
314ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame F79C 451 KB
0 418ms
416ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame F79C 173 KB
173 KB 311ms
309ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 jquery.min.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame F79C 95 KB
0 341ms
338ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 32851
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 table.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame F79C 2 KB
0 428ms
428ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 755
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET warna.js
vip.poltar2d.info/wp-content/themes/asteroid/assets/js/ Frame F79C 0
0

GET
H3 200 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame F79C 65 KB
65 KB 281ms
279ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "vf72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="728x90 ITUVIP.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66677
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame F79C 0
0

GET wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F79C 0
0

GET regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F79C 0
0

GET wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame F79C 0
0

GET frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame F79C 0
0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 65BF 0
0 72ms
69ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=97849
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:52 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: GlkjPpSf2wQ8MJINGMElDX4U-0zfW1MvAAijumzp5YT0SqzRq0FwNA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame E189 43 B
573 B 63ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=57318

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:52 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 2AA9 85 B
483 B 63ms
61ms Document
text/html 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 647805
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 30 Jan 2024 08:50:08 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
x-amz-cf-id: 7GcYAwwefEMJQwXzzmr9ybEJDUcEG-fDCGu76p86neLXCy-P67X9xQ==
x-amz-cf-pop: PHL50-C1
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 bbjs.js
bungaprediction.top/ Frame CF7F 15 KB
3 KB 354ms
352ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: vip.velbettgroup.com
URL: https://vip.velbettgroup.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3

200

/
vip.poltar2d.info/live-japan/ Frame 51AE
Redirect Chain

https://vip.poltar2d.info/live-japan
https://vip.poltar2d.info/live-japan/

100 KB
0

498ms
497ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/live-japan/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/paito-warna-sydney/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/276>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=276>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
location: https://vip.poltar2d.info/live-japan/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H3 200 style.min.css
vip.badutprediction.info/wp-includes/css/dist/block-library/ Frame 80C3 108 KB
13 KB 266ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 30 Jan 2024 22:07:49 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13600
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 cwp.css
vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 80C3 227 B
271 B 267ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 sidebar-login.css
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 80C3 2 KB
374 B 267ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 style.css
vip.badutprediction.info/wp-content/themes/asteroid/ Frame 80C3 28 KB
8 KB 268ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 jquery.min.js
vip.badutprediction.info/wp-includes/js/jquery/ Frame 80C3 86 KB
29 KB 270ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 jquery-migrate.min.js
vip.badutprediction.info/wp-includes/js/jquery/ Frame 80C3 13 KB
0 540ms
535ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.badutprediction.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/rekap-angka-2d/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 80C3 157 KB
26 KB 38ms
34ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2317936
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 80C3 30 KB
7 KB 51ms
47ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 6674378
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb7ee7e7494-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 80C3 21 KB
8 KB 39ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5498537
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 80C3 62 KB
16 KB 39ms
36ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vip.badutprediction.info/
Origin: https://vip.badutprediction.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 06 Feb 2024 20:46:52 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1268461
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760020-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 kof77.gif
zona-bermain.com/wp-content/uploads/2024/02/ Frame 80C3 3 MB
3 MB 266ms
262ms Image
image/gif 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zona-bermain.com/wp-content/uploads/2024/02/kof77.gif
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS: 172.96.191.134-static.reverse.arandomserver.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
last-modified: Mon, 05 Feb 2024 12:27:34 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3233741
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
H3 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ Frame 80C3 82 KB
29 KB 69ms
66ms Script
text/javascript 2607:f8b0:4006:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:10:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:10:56 GMT

GET
H3 200 on-1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVH-i6WIpCgW8-RSgcRIfMz_RSEpYZ6-qfhjLdJCag12YC7dj0cqtgS_z9z0zoJ9n4gbRN4yPgHPLb_2su2WPhlMnaY_ZLpx_L6m3AWdo1bKMjOtfFSwE4dzuZd4Pmx46ZXWzPEfPiYBAV_Dhv... Frame 80C3 311 B
341 B 290ms
289ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/rekap-angka-2d/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1c00"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="on-1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET 4790086&101.gif
s4is.histats.com/stats/i/ Frame 80C3 0
0

GET comment-reply.min.js
vip.badutprediction.info/wp-includes/js/ Frame 80C3 0
0

GET wp-polyfill-inert.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 80C3 0
0

GET regenerator-runtime.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 80C3 0
0

GET wp-polyfill.min.js
vip.badutprediction.info/wp-includes/js/dist/vendor/ Frame 80C3 0
0

GET frontend.js
vip.badutprediction.info/wp-content/plugins/sidebar-login/build/ Frame 80C3 0
0

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame A843 43 B
573 B 64ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=88386

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:52 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B214 0
72 B 74ms
70ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:52 GMT
content-length: 0
vary: Origin

GET bbjs.js
bungaprediction.top/ Frame 7AF7 0
0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 7635 0
0 73ms
71ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=37296
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:52 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: JZcPazGzKji_wFAjTuImr8RzUpdAoUYrp40HtoBMGb0hGUR7wSBx4Q==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H3 200 livechina.php
w1.bungaprediction.com/ Frame 5C9C 0
0 1126ms
1126ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livechina.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 415
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js
s10.histats.com/ Frame 6361 11 KB
4 KB 46ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38074
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163eb889192886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame 6349 10 KB
0 416ms
415ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2401
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 1E3C 0
72 B 69ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:52 GMT
content-length: 0
vary: Origin

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 6F0E 5 KB
2 KB 65ms
63ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3292
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PGpXeImE3KezyU2LkKfdmjffKaAwyGY4xJF6CfcONpk4TFdIG0947w==

GET
H2 200 dataBeacons.min.js
data-beacons.s-onetag.com/ Frame CF4E 5 KB
2 KB 67ms
66ms Script
text/javascript 13.224.214.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-83.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 19:52:01 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 3292
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: uJ5ve6AzisKNovrSnef6xyN86aTR6FHfagJx6OFnKUO3wLvzAGwsow==

GET
H3

200

/
vip.poltar2d.info/prediksi-china/ Frame 963A
Redirect Chain

https://vip.poltar2d.info/prediksi-china
https://vip.poltar2d.info/prediksi-china/

0
0

318ms
317ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-china/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/prediksi-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:53 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/93>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=93>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
location: https://vip.poltar2d.info/prediksi-china/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 7CCC 43 B
573 B 67ms
67ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=54426

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:52 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 5C0B 0
144 B 87ms
87ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=87948&pu=https://vip.badutprediction.info/
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 78574FD6A4C24754A67FC5CD3F86D5FE Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK2TvGwVwg+OjhaIlQ==

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 2F03 43 B
177 B 129ms
129ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:52 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame A6AF 0
142 B 120ms
120ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=12534&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 420FAA53FA544B79B7FA23B3F44215A8 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK2TxgNEBDtWhNSIgw==

GET
H/1.1 200
OK 4781567.php
s4.histats.com/stats/ Frame D4EC 437 B
0 385ms
235ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:130087305&@b3:1707252412&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame C903 167 B
451 B 71ms
65ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.zonaprediction.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame F3D9 167 B
447 B 69ms
64ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.poltar2d.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 /
t.dtscdn.com/widget/ Frame FAB9 0
412 B 90ms
87ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 1.27
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1iblJ5KyTQgx7xbDuVXLD3Tu20NK9WoxAEMyCoolD2pBYrq546Sb9E38buIQDMOYnj5tAMBCEAP7m137m6Nd4CIv907g0K54OklFXiGqo4xoJvWpY%2Bz2Ko9ti4HuUGQ8FRF5CZDgu2AEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 85163eb8fc60daa9-MIA
expires: Tue, 06 Feb 2024 18:26:22 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame FAB9 33 KB
0 112ms
108ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37200
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: dK3lX5MDjF6CHnE5J5CqchkIwvaaJDVU5UjTaJNTpSsnRNCZ48O3YQ==

GET
H2 200 /
t.dtscout.com/pv/ Frame FAB9 0
0 126ms
123ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=10&_ls=14&_cc=us&_pl=d&_b=chrome%40121&_cbid=5l71&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-ct%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BWuAZXZNev1GUbZEVs5rXEdMNVrUwBwlDZf3wYK53JiTWU1G5E%2BmgQV0pSnKKSPCUop5Gy35%2BW8TzwqkbRKbfNOC%2F2nFOsEHE1KZVTcQr%2FmnwRCu20jvAsVcaZoS1m2gOW47PorgnxaHt4%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163eb8f9cc7449-MIA
expires: Tue, 06 Feb 2024 20:46:51 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6361 75 KB
76 KB 50ms
49ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 26
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163eb92def4c02-MIA
cdn-requestpullsuccess: True

GET
H3

200

/
vip.poltar2d.info/angka-mistik/ Frame 741E
Redirect Chain

https://vip.poltar2d.info/angka-mistik
https://vip.poltar2d.info/angka-mistik/

0
0

317ms
315ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/angka-mistik/

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.zonaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:53 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/291>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=291>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
location: https://vip.poltar2d.info/angka-mistik/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET bbjs.js
bungaprediction.top/ Frame A36E 0
0

GET
H2 200 Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 2AA9 766 B
0 167ms
166ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:05 GMT
x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 650868
etag: "145e495d0d92a3c8fd975bfe5485b72c"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: Mq0g2b1SN4s7op3EDqzxkosTDHMg6qDrp1so3u5il8cxO6H9nkBJqQ==

GET
H2 200 /
t.dtscdn.com/widget/ Frame 2C71 0
0 169ms
168ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.zonaprediction.com%2F&r=https%3A%2F%2Fvip.badutprediction.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 1.47
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xglg%2Fsz%2FpdRDLa6pqK96XXf79Mnfinec2GUNdRF4tZAjai7o%2B5teZKJch0yPC6RRtIrY7p9IksBX%2Bnvn6qYjevPxrrxBiKDGEQty4TFJLL%2F4mf%2FXjNCjEETmTFOCNbeRs7My2jrSEjumRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 85163ebadf4ddaa9-MIA
expires: Tue, 06 Feb 2024 20:44:20 GMT

GET
H2 200 tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2C71 33 KB
0 199ms
198ms Script
text/javascript 13.224.214.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-214-70.phl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
date: Tue, 06 Feb 2024 10:26:53 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: PHL50-C1
age: 37200
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 8xCeBp38SNDk8_LIkbtP14M2wXBlreg3VuALZl7ZmIsZPKQmU8V5Wg==

GET
H2 200 /
t.dtscout.com/pv/ Frame 2C71 0
0 195ms
194ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=vip.zonaprediction.com&_ss=602u201chl&_pv=6&_ls=30&_cc=us&_pl=d&_b=chrome%40121&_cbid=7h16&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonaprediction.com%2F&j=https%3A%2F%2Fvip.badutprediction.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 0.093
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpyxvrMRdQTmy789YPLBZMBdSxBYoQhG2wNxMSrMB9ou7PRJ6sdGRVbDvOtNxaqewgEW4y7VnErZCKspcF7at3mWtdxjiSq5abfdIs05ZOAsBPdQKiWVMfeGuZIBQka0ZSrF5d6eA6zpZjY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 85163ebadd587449-MIA
expires: Tue, 06 Feb 2024 20:46:51 GMT

GET bbjs.js
bungaprediction.top/ Frame DC59 0
0

GET
H/1.1 200
OK 4773874.php
s4.histats.com/stats/ Frame CC21 434 B
0 459ms
68ms Script
text/html 54.39.128.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4773874.php?4773874&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-75712855&@b3:1707252413&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.roomangkasa.top%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.128.117 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561935.ip-54-39-128.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:44 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 7CCC 0
72 B 137ms
136ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.poltar2d.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:52 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 5C0B 0
72 B 137ms
137ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://vip.roomangkasa.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 06 Feb 2024 20:46:52 GMT
content-length: 0
vary: Origin

GET
H3 200 wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame 3F89 18 KB
0 344ms
344ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/paito-warna-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Tue, 13 Feb 2024 20:46:52 GMT

GET
DATA 200
OK truncated
/ Frame FAB9 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0AEB 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
t.dtscdn.com/widget/ Frame 0AEB 0
0 94ms
89ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=10401707252376755089DB59665E5F0C&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-hongkong%2F&r=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Fgenerator-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
x-t: 3.17
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nno3GShdpnHMnGD48wqPa2NiUKJNSCoxRwJkJZlnv0Bkrp%2FDAJiikr31kOQUWxkfpdizrpwlBzZhj0m7HVrVVQxRqRINQhNNLYVqu%2BskaMfnstwqpS%2BBi4aYR4019fVyTqb8qsFCkl7fqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 85163ebbd9c3daa9-MIA
expires: Tue, 06 Feb 2024 20:47:28 GMT

GET tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 0AEB 0
0

GET /
t.dtscout.com/pv/ Frame 0AEB 0
0

GET
H3 200 livesd.php
w1.bungaprediction.com/ Frame 3814 1 KB
0 289ms
288ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livesd.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 515
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H3 200 livesydney.php
w1.bungaprediction.com/ Frame CEAC 1 KB
0 290ms
289ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livesydney.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 515
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2 200 js15_as.js
s10.histats.com/ Frame 1E73 11 KB
0 50ms
46ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 38074
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ebbef212886-MIA
content-length: 4547

GET
H3 200 poltar.php
vip.velbettgroup.com/ Frame E744 10 KB
0 265ms
264ms Document
text/html 172.96.191.132
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.velbettgroup.com/poltar.php

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.132 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.132-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://vip.poltar2d.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3

200

/
vip.poltar2d.info/prediksi-sydney/ Frame 4A9C
Redirect Chain

https://vip.poltar2d.info/prediksi-sydney
https://vip.poltar2d.info/prediksi-sydney/

0
0

319ms
318ms

Document
text/html

85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://vip.poltar2d.info/prediksi-sydney/

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://vip.poltar2d.info/live-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:53 GMT
link: <https://vip.poltar2d.info/wp-json/>; rel="https://api.w.org/" <https://vip.poltar2d.info/wp-json/wp/v2/posts/55>; rel="alternate"; type="application/json" <https://vip.poltar2d.info/?p=55>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33

Redirect headers

content-encoding: br
content-length: 11
content-type: text/html; charset=UTF-8
date: Tue, 06 Feb 2024 20:46:52 GMT
location: https://vip.poltar2d.info/prediksi-sydney/
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-pingback: https://vip.poltar2d.info/xmlrpc.php
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame BF94 43 B
0 69ms
68ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:52 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 89D5 43 B
0 67ms
67ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:52 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1540_03681
track2.securedvisit.com/sync/ Frame 163E 43 B
0 68ms
68ms Script
image/gif 34.238.108.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.108.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-108-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Feb 2024 20:46:52 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 1E73 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 1E73 75 KB
76 KB 45ms
44ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://vip.poltar2d.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 26
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: bdeb408206d9341260189317f1921ea9
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 85163ebc7c104c02-MIA
cdn-requestpullsuccess: True

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 027B 230 B
529 B 36ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 027B 231 B
530 B 40ms
39ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
e.dtscout.com/e/ Frame 4DAE 6 KB
0 114ms
110ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4709486.php?4709486&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s431&@ten-US&@u1600&@b1:-185249700&@b3:1707252410&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonafantasi.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-t: 0.268
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7gDoQMRZmjlOPjjQISpSSTo2CtJyfhfNCpknAHZ3voNOMNMNtflDE7o1zYDhHbDIvVSYBSAvOJ41NSOY%2FHmBdH6O5r9XajnLhbUrooVnY8hAlE0MqaWRxCy0D1np0az4OIyw%2FKTxNBjjPA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl2
cf-ray: 85163ebd69977449-MIA
expires: Tue, 06 Feb 2024 20:46:52 GMT

GET 4781567.php
s4.histats.com/stats/ Frame 69C6 0
0

GET 4646812.php
s4.histats.com/stats/ Frame 3F89 0
0

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame B2C4 0
0 61ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.badutprediction.info
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 v2
ap.lijit.com/readerinfo/ Frame 2C63 0
0 61ms
59ms Fetch
application/json 18.209.194.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.209.194.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-209-194-141.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.velbettgroup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
content-encoding: gzip
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://vip.velbettgroup.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 176

GET
H2 200 cc_302.js
s10.histats.com/counters/ Frame B45E 22 KB
0 49ms
48ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.badutprediction.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 22836
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ebe5b842886-MIA
content-length: 12201

GET /
e.dtscout.com/e/ Frame B45E 0
0

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame 8BD6 16 KB
0 47ms
45ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30533
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ebe5b902886-MIA
content-length: 6216

GET /
e.dtscout.com/e/ Frame 8BD6 0
0

GET
H2 200 cc_408.js
s10.histats.com/counters/ Frame 027B 16 KB
0 45ms
44ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 30533
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 85163ebe5b992886-MIA
content-length: 6216

GET /
e.dtscout.com/e/ Frame 027B 0
0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3C17 0
0 70ms
69ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=80488
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.badutprediction.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:53 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: sQWMcLC5ZRYHF--Xxoyq2TQw2HhpOFzQKCOtz0dcA9OVHqPXkDqNwA==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET 4709802.php
s4.histats.com/stats/ Frame 078D 0
0

GET 4646812.php
s4.histats.com/stats/ Frame E302 0
0

GET dataBeacons.min.js
data-beacons.s-onetag.com/ Frame F84C 0
0

GET dataBeacons.min.js
data-beacons.s-onetag.com/ Frame 4FE2 0
0

GET wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame AF9F 0
0

GET cc_3018.js
s10.histats.com/counters/ Frame C629 0
0

GET /
e.dtscout.com/e/ Frame C629 0
0

GET cc_431.js
s10.histats.com/counters/ Frame 8B7B 0
0

GET /
e.dtscout.com/e/ Frame 8B7B 0
0

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 6D61 43 B
573 B 62ms
61ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=98724

Requested by

Host: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.zonaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:53 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET bbjs.js
bungaprediction.top/ Frame 6349 0
0

GET wp-emoji-release.min.js
vip.poltar2d.info/wp-includes/js/ Frame E302 0
0

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame A843 0
143 B 88ms
86ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=60754&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: FA867C0B59ED41B5872FEA5790700F18 Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK2mh8H+ZBX7aHIfNw==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame C47F 43 B
573 B 60ms
59ms Image
image/gif 44.216.155.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IHj-ASZHA5mXSqTcSkShkITv&rnd=20635

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/generator-line-angka/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.216.155.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-216-155-178.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Tue, 06 Feb 2024 20:46:53 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 7CCC 0
143 B 109ms
109ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IHj-ASZHA5mXSqTcSkShkITv&rand=44997&pu=https://vip.zonaprediction.com/
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/paito-warna-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7D58BD9D9A134CABBFA4E808D56408DF Ref B: MIAEDGE2017 Ref C: 2024-02-06T20:46:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQvK2mwY6cdIyRhxDbBg==

GET
H2

200

merge
ce.lijit.com/ Frame 5C0B
Redirect Chain

https://um.simpli.fi/lj_match?r=204
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

69ms
61ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.badutprediction.info
URL: https://vip.badutprediction.info/prediksi-cambodia/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.roomangkasa.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:53 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 5726 0
0 70ms
70ms Document
text/plain 18.238.4.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=16856
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.238.4.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-68.phl51.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://vip.zonafantasi.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Tue, 06 Feb 2024 20:46:53 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 ef337dd302517121dfb2acfcd2bcfca8.cloudfront.net (CloudFront)
x-amz-cf-id: 8Lqpl3kI0aSB3gP4sUNoZscTHS1njquqdRDDcLHKkb1LA5uuLr_jCw==
x-amz-cf-pop: PHL51-P1
x-cache: Miss from cloudfront

GET
H2

200

merge
ce.lijit.com/ Frame A6AF
Redirect Chain

https://um.simpli.fi/lj_match?r=51167
https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3

43 B
870 B

63ms
61ms

Image
image/gif

54.236.130.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
Requested by: Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/prediksi-japan/
Protocol: H2
Server: 54.236.130.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-130-106.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Tue, 06 Feb 2024 20:46:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 06 Feb 2024 20:46:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B61B1E57FF6445AABD322482D45314B3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 05 Feb 2024 20:46:53 GMT

GET 1540_03681
track2.securedvisit.com/sync/ Frame DC7D 0
0

GET 1540_03681
track2.securedvisit.com/sync/ Frame 0965 0
0

GET 1540_03681
track2.securedvisit.com/sync/ Frame 3E22 0
0

GET wp-emoji-release.min.js
vip.zonaprediction.com/wp-includes/js/ Frame 078D 0
0

GET

/
vip.poltar2d.info/tabel-shio/ Frame 031D
Redirect Chain

https://vip.poltar2d.info/tabel-shio
https://vip.poltar2d.info/tabel-shio/

0
0

GET style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame 51AE 0
0

GET cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 51AE 0
0

GET sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 51AE 0
0

GET style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame 51AE 0
0

GET jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 51AE 0
0

GET jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame 51AE 0
0

GET bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 51AE 0
0

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 51AE 0
0

GET popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 51AE 0
0

GET bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 51AE 0
0

GET
H3 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 51AE 258 KB
258 KB 196ms
193ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET
H3 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 51AE 111 KB
0 301ms
297ms Image
image/gif 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: vip.poltar2d.info
URL: https://vip.poltar2d.info/live-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://vip.poltar2d.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 20:46:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Wed, 07 Feb 2024 20:46:53 GMT

GET FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 51AE 0
0

GET FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 51AE 0
0

GET UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 51AE 0
0

GET SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 51AE 0
0

GET PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 51AE 0
0

GET WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 51AE 0
0

GET velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 51AE 0
0

GET BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 51AE 0
0

GET fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 51AE 0
0

GET FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 51AE 0
0

GET IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 51AE 0
0

GET LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 51AE 0
0

GET hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 51AE 0
0

GET marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 51AE 0
0

GET mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 51AE 0
0

GET DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 51AE 0
0

GET NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 51AE 0
0

GET 728x9
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtD... Frame 51AE 0
0

GET comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame 51AE 0
0

GET wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 51AE 0
0

GET regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 51AE 0
0

GET wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame 51AE 0
0

GET frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame 51AE 0
0

GET 4781567.php
s4.histats.com/stats/ Frame F8FD 0
0

GET 1540_03681
track2.securedvisit.com/sync/ Frame FAE5 0
0

GET bbjs.js
bungaprediction.top/ Frame E744 0
0

GET cc_3018.js
s10.histats.com/counters/ Frame 3EB8 0
0

GET /
e.dtscout.com/e/ Frame 3EB8 0
0

GET 4646812.php
s4.histats.com/stats/ Frame AF9F 0
0

GET style.min.css
vip.poltar2d.info/wp-includes/css/dist/block-library/ Frame AD57 0
0

GET cwp.css
vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame AD57 0
0

GET sidebar-login.css
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame AD57 0
0

GET style.css
vip.poltar2d.info/wp-content/themes/asteroid/ Frame AD57 0
0

GET jquery.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame AD57 0
0

GET jquery-migrate.min.js
vip.poltar2d.info/wp-includes/js/jquery/ Frame AD57 0
0

GET bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame AD57 0
0

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame AD57 0
0

GET popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame AD57 0
0

GET bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame AD57 0
0

GET HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame AD57 0
0

GET comment-reply.min.js
vip.poltar2d.info/wp-includes/js/ Frame AD57 0
0

GET wp-polyfill-inert.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AD57 0
0

GET regenerator-runtime.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AD57 0
0

GET wp-polyfill.min.js
vip.poltar2d.info/wp-includes/js/dist/vendor/ Frame AD57 0
0

GET frontend.js
vip.poltar2d.info/wp-content/plugins/sidebar-login/build/ Frame AD57 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0

Domain: zona-angka.top
URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?source=lotame

Domain: geo-um.btrll.com
URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/themes/asteroid/assets/js/warna.js

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: s4is.histats.com
URL: https://s4is.histats.com/stats/i/4790086&101.gif?4790086&101

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.badutprediction.info
URL: https://vip.badutprediction.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: bungaprediction.top
URL: https://bungaprediction.top/bbjs.js

Domain: bungaprediction.top
URL: https://bungaprediction.top/bbjs.js

Domain: bungaprediction.top
URL: https://bungaprediction.top/bbjs.js

Domain: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js

Domain: t.dtscout.com
URL: https://t.dtscout.com/pv/?_a=v&_h=vip.poltar2d.info&_ss=tfclfsa0f0&_pv=11&_ls=14&_cc=us&_pl=d&_b=chrome%40121&_cbid=2mmv&_cb=_dtspv.c

Domain: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:6569957&@b3:1707252413&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w

Domain: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20SYDNEY%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Frekap-angka-4d%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-39257554&@b3:1707252413&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-sydney%2F&@w

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-2d%2F&j=https%3A%2F%2Fvip.badutprediction.info%2Frekap-angka-3d%2F

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-china%2F&j=https%3A%2F%2Fvip.zonaprediction.com%2F

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F&j=https%3A%2F%2Fvip.poltar2d.info%2Flive-hongkong%2F

Domain: s4.histats.com
URL: https://s4.histats.com/stats/4709802.php?4709802&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20PREDICTION%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fvip.badutprediction.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:32662045&@b3:1707252413&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.zonaprediction.com%2F&@w

Domain: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20KUMAT%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.zonaprediction.com%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:156228027&@b3:1707252413&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Frekap-kumat%2F&@w

Domain: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js

Domain: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Domain: s10.histats.com
URL: https://s10.histats.com/counters/cc_3018.js

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F

Domain: s10.histats.com
URL: https://s10.histats.com/counters/cc_431.js

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.zonafantasi.info%2Fpoltar.php&j=https%3A%2F%2Fvip.zonaprediction.com%2F

Domain: bungaprediction.top
URL: https://bungaprediction.top/bbjs.js

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Domain: track2.securedvisit.com
URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv

Domain: track2.securedvisit.com
URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv

Domain: track2.securedvisit.com
URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv

Domain: vip.zonaprediction.com
URL: https://vip.zonaprediction.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/tabel-shio/

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Domain: s4.histats.com
URL: https://s4.histats.com/stats/4781567.php?4781567&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2F&@q0&@r0&@s3018&@ten-US&@u1600&@b1:9570855&@b3:1707252414&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&@w

Domain: track2.securedvisit.com
URL: https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv

Domain: bungaprediction.top
URL: https://bungaprediction.top/bbjs.js

Domain: s10.histats.com
URL: https://s10.histats.com/counters/cc_3018.js

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fvip.velbettgroup.com%2Fpoltar.php&j=https%3A%2F%2Fvip.poltar2d.info%2F

Domain: s4.histats.com
URL: https://s4.histats.com/stats/4646812.php?4646812&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20JAPAN%20%E2%80%93%20POLTAR%202D&@n0&@ohttps%3A%2F%2Fvip.poltar2d.info%2Fpaito-warna-hongkong%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:-175773033&@b3:1707252414&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fvip.poltar2d.info%2Fprediksi-japan%2F&@w

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Domain: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Domain: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Domain: blogger.googleusercontent.com
URL: https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-Pppm9Xv_dO9b7OCTvSGw4ttjM-tfM9Du-RBM8nBPoRxEwR-hi58qQinTqYesm7m0R2GnDqXsP4-fTBxlfQK2uioV6oLGm_ncWCnKzCGLEamyWF7tZrV3Hs8OOIalBATg6mUGqJeew5dtJtDJQitI-6EW3o70A5WXUk7ARjiHA5jbAkmZfkA17g/s16000/728x9

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/comment-reply.min.js?ver=6.4.3

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Domain: vip.poltar2d.info
URL: https://vip.poltar2d.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

131 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i.liadm.com/s	1970-01-20 18:57:24	Name: _li_ss Value: ChMKBgjdARCTFwoJCP____8HEJ0X
i6.liadm.com/s	1970-01-20 18:57:24	Name: _li_ss Value: CgA
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstCfa4710812 Value: 1707252376094
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstCla4710812 Value: 1707252376094
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstCmu4710812 Value: 1707252376094
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstPn4710812 Value: 1
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstPt4710812 Value: 1
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstCnv4710812 Value: 1
vip.disksusiangka.info/	1970-01-21 02:59:48	Name: HstCns4710812 Value: 1
.dtscout.com/	1970-01-20 20:38:12	Name: df Value: 1707252376
.dtscout.com/	1970-01-20 20:20:55	Name: l Value: 10401707252376755089DB59665E5F0C
.disksusiangka.info/	1970-01-20 20:19:29	Name: __dtsu Value: 10401707252376755089DB59665E5F0C
.sharethis.com/	1970-01-21 03:01:14	Name: __stid Value: ZHsABWXCmpkAAAAICHS3Aw==
.sharethis.com/	1970-01-21 03:01:14	Name: __stidv Value: 2
.dtscdn.com/	1970-01-20 22:31:58	Name: uid Value: 10401707252376755089DB59665E5F0C
.tynt.com/	1970-01-21 02:59:48	Name: uid Value: CoIKSWXCmplPk+YDIoYcAg==
.tynt.com/	1970-01-20 20:23:48	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1707252377366%7D%5D
.onaudience.com/	1970-01-21 02:59:48	Name: cookie Value: 4898902a0626ab70
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects109 Value: 1
.tapad.com/	1970-01-20 19:40:36	Name: TapAd_TS Value: 1707252377567
.tapad.com/	1970-01-20 19:40:36	Name: TapAd_DID Value: a29c3c35-1afd-4407-ae92-1fc84df28745
.go.affec.tv/	1970-01-21 02:59:48	Name: ck Value: 65c29a99bc6e410001aae620
.go.affec.tv/	1970-01-21 02:59:48	Name: oo Value: 1
.33across.com/	1970-01-21 02:59:48	Name: 33x_ps Value: u%3D212452573673311%3As1%3D1707252377637%3Ats%3D1707252377637
.linkedin.com/	1970-01-20 20:23:48	Name: li_sugr Value: c7e8d076-428f-4790-b9e4-930ec7ecc9c3
.linkedin.com/	1970-01-21 02:59:48	Name: bcookie Value: "v=2&50b4805c-12c9-4d93-88e6-42ad081f0be2"
.linkedin.com/	1970-01-20 18:15:38	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3153:u=1:x=1:i=1707252377:t=1707338777:v=2:sig=AQGVUb8vfSUsLeR3j3dZeODDecOWKMgj"
.rezync.com/	1970-01-21 03:35:48	Name: zync-uuid Value: 04f914a0-8ab4-4b75-a0b6-99966074788d:1707252377.6527843
.eyeota.net/	1970-01-21 03:01:14	Name: mako_uid Value: 18d802be85f-51060000010a463c
.eyeota.net/	1970-01-20 18:14:12	Name: SERVERID Value: 17980~DM
.adsrvr.org/	1970-01-21 03:01:14	Name: TDID Value: e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3
.adnxs.com/	1970-01-20 20:23:48	Name: XANDR_PANID Value: GTstlFMDRwtsepxGx5SxZ0s5A8TBcGjgD7Sa0iO-EKBQKYhk1oGUGv7xZhwFNRc3XIQ7yE6x0dTK1sCVr5Oj9Gl8bsxf0alFuYFTRjm5QjA.
.adnxs.com/	1970-01-21 03:50:12	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:23:48	Name: uuid2 Value: 6740019904450003240
.lijit.com/	1970-01-21 02:59:48	Name: ljt_reader Value: IHj-ASZHA5mXSqTcSkShkITv
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS3MDe1sLA0tTQ2NTc0NjQ1EOIz1C0zSw1zCw0LNPAvzwAAeigf4SQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4BBycGA3MBkLsXJ3v4uKtxZaJXsgGLq0TkhVRSjBzPMsKs1tk3e4MbF_qxzUcjoAAAA
.rfihub.com/	1970-01-21 03:35:48	Name: rud Value: H4sIAAAAAAAA_-MSsjS3MDe1sLA0tTQ2NTc0NjQ1EOIz1C0zSw1zCw0LNPAvzwAAeigf4SQAAAA
.bluekai.com/	1970-01-20 22:36:17	Name: bku Value: 5RW99JZSyZPAb2xa
.ml314.com/	1970-01-21 03:01:14	Name: pi Value: 3641886910967185458
.tapad.com/	1970-01-20 19:40:36	Name: TapAd_3WAY_SYNCS Value: 1!908
.rlcdn.com/	1970-01-20 19:40:36	Name: pxrc Value: CJm1iq4GEgUI6AcQABIFCOhHEAASBQjbThAB
live.rezync.com/	1970-01-21 03:35:48	Name: sd-session-id Value: .eJwNyksOwiAQANC7zLqY4TPMDJdpwGJCtGhK3dj07nb5knfA_KnbmnvtO6R9-9YJ7q92aUA6YLTfWp-QQFmYRJTUE1tvCeGcYNQx2rvPbbkKhofakNFILsGEwmQylmhUNUbkwCJLsozsyHnmWyTHEjycf4CQJNM.ZcKamg.lhi99LQGM_HpJyAj8JMfVJF5gSo
.doubleclick.net/	1970-01-21 03:50:12	Name: IDE Value: AHWqTUngWXxc-RqP0vg73wz4ONadHLxHhe9W5s3eyAmySyDukaDVu1T5YC419sRyIWs
.go.affec.tv/	1970-01-21 02:59:48	Name: pt Value: eyJhbiI6eyJkdCI6MTcwNzI1MjM3OCwiaWQiOiI2NzQwMDE5OTA0NDUwMDAzMjQwIiwibHMiOjE3MDcyNTIzNzh9LCJ0dCI6eyJkdCI6MTcwNzI1MjM3NywiaWQiOiJDb0lLU1dYQ21wbFBrK1lESW9ZY0FnPT0iLCJscyI6MTcwNzI1MjM3N30sInRkIjp7ImR0IjoxNzA3MjUyMzc4LCJpZCI6ImUyYTljYWJkLTZjMjItNGJjYy1hNTM1LTJhZGQ0ZTBkOGFlMyIsImxzIjoxNzA3MjUyMzc4fSwidiI6MH0=\|1707252378\|4915b2bc12aabbabfa6eaf9737b1cb9e35cc3326
.pippio.com/	1970-01-21 02:59:48	Name: did Value: N5FynBHe2I49RyZV
.pippio.com/	1970-01-21 02:59:48	Name: didts Value: 1707252378
.pippio.com/	1970-01-20 19:40:36	Name: nnls Value:
.pippio.com/	1970-01-20 19:40:36	Name: pxrc Value: CJq1iq4GEgYIgr0rEAA=
.liadm.com/	1970-01-21 03:50:12	Name: lidid Value: c82ea0b7-19bd-45cc-9811-2f6e296f3edd
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects236 Value: 1
.yahoo.com/	1970-01-21 03:00:10	Name: A3 Value: d=AQABBJuawmUCELLb3H18FQk78QS6t8Kh7FMFEgEBAQHsw2XMZdxH0iMA_eMAAA&S=AQAAArfzFt8kx-I1X7SEYR7qEHU
.intentiq.com/	1970-01-21 03:50:12	Name: IQver Value: 1.9
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects252 Value: 1
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects104 Value: 1
.crwdcntrl.net/	1970-01-21 00:42:58	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:42:58	Name: _cc_id Value: 1ef63964d0079f7f2fddeaf925caff58
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-21 02:59:48	Name: zc Value: 13db9786-9c0e-434e-7e27-8a377d59496c
.dtscout.com/	1970-01-20 18:14:17	Name: m Value: 5
.dtscout.com/	1970-01-20 18:14:26	Name: oa Value: 5
.rlcdn.com/	1970-01-21 02:59:48	Name: rlas3 Value: VeJc95iGjY90LWIz9AcUypwC1jFzva3pv92FF3r20PA=
.mgid.com/	1970-01-21 02:59:48	Name: muidn Value: o16lS9w6z8Kc
.mgid.com/	1970-01-20 18:14:14	Name: __cf_bm Value: hL5sVXTq9SGtqJGEsxv0A4x.vvYtK.gR0D_a95JH7so-1707252381-1-AajH18tH8ZRebmQaBsCln1bXSc6JKAE6b7dpEecBzBcdv/mm8rO8+un9iS2Gf+7+x66Hx4mXaKpsfJ+7AloBdpw=
.bidswitch.net/	1970-01-21 02:59:48	Name: tuuid Value: d3b8af45-018e-46b0-a9b0-4ac2e187a487
.bidswitch.net/	1970-01-21 02:59:48	Name: c Value: 1707252381
.bidswitch.net/	1970-01-21 02:59:48	Name: tuuid_lu Value: 1707252381
.smadex.com/	1970-01-21 02:52:36	Name: smxtrack Value: fc305091-7886-479d-9ece-0dace9d9c889
.smadex.com/	1970-01-20 18:35:48	Name: smxdc Value: 1
.rqtrk.eu/	1970-01-20 18:24:17	Name: browser_id Value: 1:fe7f881c-1561-42f8-8ed8-02084e9088cc
cm.mgid.com/	1970-01-20 18:57:24	Name: mg_sync Value: {}
.adform.net/	1970-01-20 18:55:57	Name: C Value: 1
.amazon-adsystem.com/	1970-01-20 23:56:55	Name: ad-id Value: A7mmF2tCuE8BrW_aPnwTp6g
.amazon-adsystem.com/	1970-01-21 03:50:12	Name: ad-privacy Value: 0
.bidr.io/	1970-01-21 03:42:42	Name: bito Value: AAAdYU7LhTUAABKHLbqwlg
.bidr.io/	1970-01-21 03:42:42	Name: bitoIsSecure Value: ok
.adform.net/	1970-01-20 19:40:36	Name: uid Value: 3314857305076316538
.onaudience.com/	1970-01-20 18:15:38	Name: done_redirects282 Value: 1
.simpli.fi/	1970-01-21 03:01:14	Name: suid Value: B61B1E57FF6445AABD322482D45314B3
.shareaholic.com/	1970-01-21 03:50:12	Name: c_id Value: 59cd90ee-d211-468e-b888-2b0791cd9acc
.smadex.com/	1970-01-20 18:35:48	Name: smxltm Value: 1
.agkn.com/	1970-01-21 02:59:48	Name: ab Value: 0001%3A7Dptu7mVYfSL%2BOrltiox7GTdEnp6yEGp
.lijit.com/	1970-01-21 02:59:48	Name: _ljtrtb_5001 Value: 1ef63964d0079f7f2fddeaf925caff58
.lijit.com/	1970-01-21 02:59:48	Name: _ljtrtb_2 Value: B61B1E57FF6445AABD322482D45314B3
.id5-sync.com/	1970-01-20 20:23:48	Name: id5 Value: 18967020-ad48-7a83-816b-f67c02e33a1d#1707252382205#2
.smadex.com/	1970-01-20 18:28:36	Name: smxbds Value: 1
.rubiconproject.com/	1970-01-21 02:59:48	Name: khaos Value: LSATZLBV-R-KF12
.rubiconproject.com/	1970-01-21 02:59:48	Name: audit Value: 1\|MKX/R1elg6yJ4kPyyXk6xusuctNIo1HWKOLLmpfAsUU8fCYmOTvXg0nley7DpUJQAOMa3TnhxkBCbuL7wqM7W80qs7nZ3hbKxyc3tB2OseCWnw5yd0aiM7+b6PrGn6Z2SoYfVsxbOVXmM9hfUY6Tc32NFdeBSG8DIMI8Z44gR8I=
.c.cintnetworks.com/	1970-01-20 18:14:15	Name: TiPMix Value: 40.787715531500815
.c.cintnetworks.com/	1970-01-20 18:14:15	Name: x-ms-routing-name Value: self
.turn.com/	1970-01-20 22:33:24	Name: uid Value: 4345328060373329827
.lijit.com/	1970-01-21 02:59:48	Name: ljtrtb Value: eJwNyrkRgCAQAMBeLja4HzCDQfpghGvCsXfdeB9gOKE5NbosjeGqVmvrwqyZu5qQNoEDDJH%2BSTtciutCTCVScKy1ZxS2e0ZYhvcDBfwULA%3D%3D
.everesttech.net/	1970-01-21 02:59:48	Name: everest_g_v2 Value: g_surferid~ZcKanwAACtYtYwBB
.crwdcntrl.net/	1970-01-21 00:43:00	Name: _cc_cc Value: "ACZ4XmNQMExNMzO2NDNJMTAwt0wzTzNKS0lJTUyzNDJNTkxLM7VgAILUQ7MW%2FPz%2F%2Fz8%2FiAMG%2FGufn9FlPMvI8J%2BRkeH6%2BgcyMPa9D5asf4JAwh%2FAknu0QORHWRC5vR6s%2FNzRQ8yE1PzcOIWFkJpLpx6xEVKze99lAUJqPjTcF2BCdifD4cVzCNp%2Bd%2B1TbkImv1tC2JyG%2F5qEjFk44wATITX%2FurQIKfl155sKITUAzb224A%3D%3D"
.crwdcntrl.net/	1970-01-21 00:43:00	Name: _cc_aud Value: "ABR4XmNgYGBIPTRrAZCCAHYGBq4ZYOaiVhDJqDUbQs0CUXzuDmDew3oQxa%2BzH0gCACnkCK0%3D"
.id5-sync.com/	1970-01-20 20:23:48	Name: 3pi Value: 224#1707252383589#-1675238687#4345328060373329827\|321#1707252384937#-417688392\|2#1707252382954#-1701439992#6740019904450003240\|19#1707252382399#1827701342#1ef63964d0079f7f2fddeaf925caff58\|264#1707252382687#-1849130981#e2a9cabd-6c22-4bcc-a535-2add4e0d8ae3\|136#1707252384177#-1877379022\|121#1707252384417#-1325644202\|398#1707252384937#-636810474
.rfihub.com/	1970-01-21 03:35:48	Name: eud Value: H4sIAAAAAAAA_1XLsQ2AMAwF0YY2VeYwchLb3842iRADUVIyFtNQIUR5T7p7SQWMqrW5qZcjg2WPIoPJxxSSCaXB0ygizBgC962_E7CaVri0M6cPQ_z6dzzb2mGMagAAAA
.zeotap.com/	1970-01-20 18:15:38	Name: zsc Value: %EF%F8G%25Z%81%08%F7%5E%7B%A6%3C%C3%E6Q_%B9U%C6%3D%96%E8Lf3%5E%D2%1F%E8%F9%E5%2A%CD%0B%84w%86v%40H%7C%1E%C9x%1A%8C%7CQr%A8%25%05VA%94n%3C%EAHM%F7g%5D%EC%BF%9A%3C%9F%85%B8%A9%12L%85e%A2%2A%B8%DD%CBV%AC%9C%04%BET%95%8B%11%E4m%E8z
.adsrvr.org/	1970-01-21 03:01:14	Name: TDCPM Value: CAESFAoFdGFwYWQSCwje-fq01tfTPBAFGAEgASgCMgsI2vSIuu3X0zwQBTgBWgdicmdldTIzYAI.
.postrelease.com/	1970-01-21 02:59:48	Name: visitor Value: 26f95d0f-896a-49d9-9b78-9cfac059382b
.postrelease.com/	1970-01-21 02:59:48	Name: status Value: 1
.crsspxl.com/	1970-01-20 19:39:53	Name: uid Value: 2471253377608398858
.crsspxl.com/	1970-01-20 19:39:53	Name: uuid Value: cbde8f51-1841-4a15-9926-7663a8d4e9fd
pool.admedo.com/	1970-01-21 02:59:48	Name: tuuid Value: 264ff30c-29ce-4cb5-90cb-d84731a1c787
pool.admedo.com/	1970-01-21 02:59:48	Name: c Value: 1707252387
pool.admedo.com/	1970-01-21 02:59:48	Name: tuuid_lu Value: 1707252387
.pro-market.net/	1970-01-20 18:57:24	Name: anHistory Value: "1wl1039mvr6ej+2+!#72-!H#(tA"
.aidata.io/	1970-01-21 03:50:12	Name: __upin Value: NS6yCaFEA4gmVbOHvKsbAw
.aidata.io/	1970-01-21 03:50:12	Name: __upints Value: 1707252387
.pro-market.net/	1970-01-20 22:33:24	Name: anProfile Value: "1wl1039mvr6ej+1+4=2m2+1f=1+1g=1+1j=57:1+rs=s+rt=200105501D0500010000000000000007+s0=(10)+s2=(s8gcdf)+vm=19-1ef63964d0079f7f2fddeaf925caff58:53-CAESEAPlTxRy4BHzGPdON5AGkgg"
.semasio.net/	1970-01-21 02:59:48	Name: SEUNCY Value: C9471E5D3D4D6B8A
.sddan.com/	1970-01-20 18:14:12	Name: techcookie Value: 1
.sddan.com/	1970-01-20 18:14:13	Name: newu Value: 1
.sddan.com/	1970-01-21 02:59:48	Name: SDDAN Value: 20240206_f9101ad787dd2f876d348717fc334f09
.dtscout.com/	1970-01-20 18:14:15	Name: st Value: 13
.exelator.com/	1970-01-20 21:07:00	Name: EE Value: "869cad0e055a923bfc79c1b3588fa41f"
.exelator.com/	1970-01-20 21:07:00	Name: ud Value: "eJxrXxzq6XKLQcHCzDI5McUg1cDUNNHSyDgpLdncMtkwydjUwiIt0cQwbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIcEl%252BUWb6otDgxUUpaQyLSopPBR87IAYAtcYqhA%253D%253D"
sync.srv.stackadapt.com/	1970-01-21 02:59:48	Name: sa-user-id Value: s%3A0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d.vfmTdBhjoibbIaoGEGkKpq8PD1sqL%2BBhPsAWpYQwFBo
.srv.stackadapt.com/	1970-01-21 02:59:48	Name: sa-user-id Value: s%3A0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d.vfmTdBhjoibbIaoGEGkKpq8PD1sqL%2BBhPsAWpYQwFBo
sync.srv.stackadapt.com/	1970-01-21 02:59:48	Name: sa-user-id-v2 Value: s%3Aqvw6C54pW5dT0Uyo7jdufSaEdkc.OzlUPUcSFwqwcpr%2FKOi1fkCX%2FbLx3ZSrf4UhHUPzK6M
.srv.stackadapt.com/	1970-01-21 02:59:48	Name: sa-user-id-v2 Value: s%3Aqvw6C54pW5dT0Uyo7jdufSaEdkc.OzlUPUcSFwqwcpr%2FKOi1fkCX%2FbLx3ZSrf4UhHUPzK6M
sync.srv.stackadapt.com/	1970-01-21 02:59:48	Name: sa-user-id-v3 Value: s%3AAQAKIHi_SZfaYOMTxebfDRtXV1JlqYhHWvDiqUlKBO8A0wlXEHwYBCCvtYquBjABOgQXuSKpQgSgzRcM.tcEpV2fWl0ub1AYYP8TUPznUe%2B2fq4vE1GrBe3IZvM0
.srv.stackadapt.com/	1970-01-21 02:59:48	Name: sa-user-id-v3 Value: s%3AAQAKIHi_SZfaYOMTxebfDRtXV1JlqYhHWvDiqUlKBO8A0wlXEHwYBCCvtYquBjABOgQXuSKpQgSgzRcM.tcEpV2fWl0ub1AYYP8TUPznUe%2B2fq4vE1GrBe3IZvM0
.t.sharethis.com/	1970-01-20 18:34:21	Name: pxcelPage_default_c010_C Value: 52_0_1707252377797
.analytics.yahoo.com/	1970-01-21 02:59:48	Name: IDSYNC Value: "19cl~2glw:199z~2glw:19bn~2glw:19ab~2glw"
.thrtle.com/	1970-01-20 23:02:12	Name: mc Value: eyJpZCI6IjkyMjE4MjI4LTM5YmMtNDc4Zi1iODJhLWY0ZTViNTNmYmU5MSIsImwiOjE3MDcyNTI0MDEzMDQsInQiOjEzfQ==
.thrtle.com/	1970-01-20 23:02:12	Name: sc Value: eyJpIjoiZDkwMzZiYmYtMzhlZC00Zjg4LWE1NzEtMzhjNTNjYjQzOGMyIiwic2lkIjoic2lkLWQ0YjhkMjBjLWM1MzAtMTFlZS05MmZlLTAyNDIwYWZmMDAxOSIsIm1zIjoxLCJwcyI6Niwic3AiOjUwMzgsInBwIjo2LCJ0c2UiOjYsImx0c2UiOjE3MDcyNTI0MDEwMjB9
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 1048

3691 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.disksusiangka.info/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.pangkalanhdgroup.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.badutprediction.info/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.zona88.top/tabel-shio/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.pangkalanhdgroup.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.roomangkasa.top/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.badutprediction.info/live-japan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://sync.search.spotxchange.com/partner?source=lotame Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://geo-um.btrll.com/v1/map_pixel/partner/66.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://vip.zonaprediction.com/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
security	error	URL: https://vip.roomangkasa.top/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
network	error	URL: https://ad.mrtnsvr.com/sync/lotame?redirect_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D14701%26tp%3DMTAI%26tpid%3D%24%7BMARTIN_AI_ID%7D%26gdpr%3D0 Message: Failed to load resource: net::ERR_CONNECTION_RESET
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vip.poltar2d.info/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.poltar2d.info/generator-line-angka/ Message: Refused to execute script from 'https://vip.poltar2d.info/js/jquery-1.10.2.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://w1.bungaprediction.com/livejapan.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
security	error	URL: https://vip.zonaprediction.com/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.zonafantasi.info/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.badutprediction.info/prediksi-singapore/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.zonafantasi.info/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.roomangkasa.top/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
security	error	URL: https://vip.zonaprediction.com/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://zona-angka.top/wp-content/uploads/2023/06/gif.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.badutprediction.info/prediksi-cambodia/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.zonafantasi.info/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.roomangkasa.top/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
security	error	URL: https://vip.poltar2d.info/prediksi-japan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.poltar2d.info/prediksi-taiwan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.poltar2d.info/paito-warna-japan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.zonaprediction.com/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.poltar2d.info/generator-line-angka/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://vip.badutprediction.info/prediksi-taiwan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
security	error	URL: https://vip.zonafantasi.info/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IHj-ASZHA5mXSqTcSkShkITv' because its MIME type ('image/gif') is not executable.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://vip.disksusiangka.info/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
a.dtssrv.com
aa.agkn.com
ad.mrtnsvr.com
ajax.googleapis.com
ap.lijit.com
api.intentiq.com
audex.userreport.com
bcp.crwdcntrl.net
beacon.krxd.net
blogger.googleusercontent.com
bungaprediction.top
c.cintnetworks.com
c1.adform.net
cdn.jsdelivr.net
cdn.lijit.com
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cm.smadex.com
cms.analytics.yahoo.com
code.jquery.com
connect-metrics-collector.s-onetag.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dis.criteo.com
dmp.adform.net
dp1.33across.com
dp2.33across.com
dtsedge.com
e.dtscout.com
fei.pro-market.net
fonts.googleapis.com
geo-um.btrll.com
get.s-onetag.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.reson8.com
idsync.rlcdn.com
jadserve.postrelease.com
live.rezync.com
loadm.exelator.com
loadus.exelator.com
map.cookieless-data.com
map.go.affec.tv
map.sddan.com
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
ml314.com
mwzeom.zeotap.com
nlsn.thrtle.com
onetag-geo.s-onetag.com
p.rfihub.com
pbid.pro-market.net
pd.sharethis.com
pippio.com
pixel.onaudience.com
pixel.shareaholic.com
pixel.tapad.com
pool.admedo.com
ps.eyeota.net
px.ads.linkedin.com
rankcrack.com
rtd-tm.everesttech.net
s.amazon-adsystem.com
s.w.org
s10.histats.com
s4.histats.com
s4is.histats.com
secure.adnxs.com
secure.gravatar.com
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.outbrain.com
sync.search.spotxchange.com
sync.sharethis.com
sync.srv.stackadapt.com
synchroscript.deliveryengine.adswizz.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tabelpakde.com
tag.crsspxl.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
thrtl.redinuid.imrworldwide.com
thrtle.com
token.rubiconproject.com
track2.securedvisit.com
trc.taboola.com
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
usermatch.krxd.net
vip.badutprediction.info
vip.disksusiangka.info
vip.pangkalanhdgroup.com
vip.poltar2d.info
vip.roomangkasa.top
vip.velbettgroup.com
vip.zona88.top
vip.zonafantasi.info
vip.zonaprediction.com
w1.bungaprediction.com
wt.rqtrk.eu
x.bidswitch.net
x01.aidata.io
zona-angka.top
zona-bermain.com
ad.mrtnsvr.com
blogger.googleusercontent.com
bungaprediction.top
cdn.jsdelivr.net
data-beacons.s-onetag.com
e.dtscout.com
geo-um.btrll.com
get.s-onetag.com
maxcdn.bootstrapcdn.com
s10.histats.com
s4.histats.com
s4is.histats.com
sync.search.spotxchange.com
t.dtscout.com
track2.securedvisit.com
vip.badutprediction.info
vip.poltar2d.info
vip.zonaprediction.com
zona-angka.top
104.18.20.134
107.178.254.65
13.224.214.70
13.224.214.83
13.224.214.92
13.226.52.100
141.94.171.213
142.250.81.226
149.56.240.127
151.101.194.49
162.19.138.82
172.64.153.173
172.96.191.132
172.96.191.134
174.129.90.144
18.209.194.141
18.211.137.235
18.238.4.107
18.238.4.13
18.238.4.51
18.238.4.68
18.238.4.90
18.239.225.91
185.167.164.49
192.0.77.48
199.38.167.130
209.54.182.161
23.37.113.114
23.48.224.78
23.7.64.229
2600:1901:0:8eee::
2600:1f18:ed:550f:6f5e:c54f:5770:5695
2600:9000:20ed:8c00:1a:609a:6780:93a1
2606:4700:10::6814:4f63
2606:4700:10::ac43:28ad
2606:4700:1::6813:854c
2606:4700:20::681a:c3c
2606:4700:21::8d65:780b
2606:4700:3033::6815:e31
2606:4700:3034::6815:19cb
2606:4700:3036::6815:db7
2606:4700:3036::ac43:a392
2606:4700::6812:bcf
2607:f8b0:4006:80c::200a
2607:f8b0:4006:80d::2001
2607:f8b0:4006:817::200a
2607:f8b0:4006:823::2001
2620:112:f002:bbbb::23
2620:1ec:21::14
2a04:4e42:200::649
2a04:4e42::300
2a04:4e42::485
2a04:fa87:fffe::c000:4902
3.13.249.153
3.20.160.213
3.224.184.174
3.225.218.10
3.230.62.22
3.230.91.215
34.111.113.62
34.117.77.79
34.193.93.235
34.232.140.51
34.238.108.239
35.210.53.219
35.211.178.172
35.236.220.17
35.244.154.8
40.71.11.141
44.197.1.96
44.197.18.83
44.216.155.178
50.16.49.58
50.57.31.206
51.15.145.116
51.158.28.83
51.222.241.100
52.0.156.250
52.223.40.198
52.86.247.135
54.173.232.72
54.236.130.106
54.39.128.117
67.202.105.24
67.202.105.32
68.67.160.137
70.42.32.95
74.119.119.150
8.43.72.98
85.187.128.38
89.108.119.43
99.83.181.31
00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0382ec3b7518594cecc67a22ebb186e8cd29f28552bef80409d1ccd14c165ba3
04a8afea953c75bd1ae9857eae876ecc013aaa5ef6dbfcfe6071af7e7c4af76f
0524a3491b289fad4b9fc645b2d34c6f47df901791f1c988647ffca5e52324e6
05751a195405a91e64941b313315418ef46034132ba967ec20ebee8002955cad
05757f152d257c0b6082f4ec4e4213b9c699bf985dc800fedbb7509fed41ced9
057d4c865e97766babef8362734f34a38bf03fe1e4a03132bb35fa7dbe12dfd3
06464b1162f99c45d063f7bea0db932980df7c8a6a5e72a37db44b33f36d2ded
0661419a5271e6488d0e2b5687776b047406cb49a20c53040491186cb553901d
069ca7174e104e727aad4ddf74b3a5b243e960bf60a77aaeb804dffb4908d317
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
08c31802f0c5aba412bd6630e9b1614cfdc2d8be2ea31960c43cc417d3a80196
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b06ca55c1eb4674bf666bee6cd0193d8e72d3ed8535b7b5df6160e0391d84fc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c13dc2dbdced3c6ff3dea6e3eb129d4497118945497a02594347e18c5f3129e
0c1988647825356ec9f70894df4e28d64b7a205c50b07f34d50293ec39e0c95c
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0eabf72c7d6a11c857067258034dc0290fb7902b5f2f0e1d45e4ea4259d7c055
11185f2195e02415011e74251233e377b156e28dadfd626be19c50016561d7ad
1134879c1f95fce2f1344a5df261e02543258b462a3ee3baa69a756788f38a27
126d9136b20fe3334b955b345b30d01d3b741600201437d3c63edaa9559aa277
13493c0c4180ac029dd56875d1c8096c14657d5bcef82ec5cfa069a7349852be
179b3d2ef75f467a200f6cd59ecc94275e3459142e33f64e5bfff45414c47b1d
1aee5e3b9b30ee8fced193e8e3c8e441fb349e5b94b5c0c60836e323f797ef98
1c773409949646d722814bdefe8ff648f7ab5952b62bc63b05203f9b0f47cb31
1c95625fd28e8b01b21134935349f26d4fb17418fa49a567f9e34f9f6c9adaa1
1cce2c4ad9938198337a8788cf7366907d1eeefa5596d6364ece5c55fd2f3aea
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1eafe1dbd1ba3b927dd250192b64a50dfebeff5385b23c4336b0a81815df2851
1fa77ec1aa4a9e151c8a6ab8949c2124afb84a59bb3b5c4fa7e4349b9c619315
1fc38d83d1b3a0c1618808c64468640a3ea2cc5598ae22b38a81cb3857603b79
214619c9db09f96d052cadaa5883efac078f5dc3fe8581e539ad982ef97ffaaa
23ef3eb47dd85023cae337c5ea15c4608bd89e3f847dc0a05f507bf65f8b7604
25e01dd55476ec28f290aaceba77669529245965594f5a3487d25c384cbd3353
26b09f49911de2da4ad461b4c4ea693f95118f89fca3a8bb51ee600c454a47df
2765be105fde846e83c0120b95859ef45bf481575bdc298ef315098f8fb50e60
28dc86dba75a5075310cc18d0ba68a75e400d76857723eae8e4de6b898fce188
29b675d9faa66d452ad1ff7d3497963701215c52aeea160023a66a8ccaf7737d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620
2c43a255e95fbdf338309f6c22ac82b0d7fa1a37ee9c97caf5e40d3fed96f8ad
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f1b0b2668cc081f84472bffd04e6cf999046b7b7cdd6afe99994a035919873e
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb98997f3dc68ab529fd0217ab9830a6e0650f8de5f70d75eb3246e4ba011a1
3028b41b6464c2841402e5cbc156645e5ea5c708af27411c679e188d92f7eeae
312a894eb1f98b5b800cc47b3b3c899a9b4e72164a7d06220df09326b9029173
31cbb95ea7d7b1c4e810cbbbf485ec0a84305e1218f350a6734e618a71a6a1ec
324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064
325d5644a2ef758990bc2f099e2354a47762db05a7e5959fec651cdbe1c0f6b1
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
33fcc02980ff00a944f92e20045e58569443696dc0e35f027a34c6a782b0802d
346eddca5c9a88267082afb80096b1d66a203b40fb99f0c8fbaf58f8dcccec99
3596f1e1af0806fe42dd3eeb1af476884d45b7d7c06f5c3ff69227086f5bd73a
37035c1d5c6a6665bbecad4b74b04fcb37857c523db8f9a70bce3cbaa320ece3
3988e225a811f9523107de1c8098a49adf8cf3a302df020382c696168bc5cda5
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3b60d9ca232b57c7523d30b76a63741a7f09a2de11afcc179e935a06850a1b1c
3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3dba4614f3392f3d4eb6e73700ed60cb0818cef4b9079d4b46946d88d4938364
3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec07ee5912c0650f1f458bf1977356d9982ef0110cd92b86ccfd5c0d9b52fa7
3f86e3ddf57f3e83ba252c6603b322a92bb702ecae304ca25bca0a49f4b68755
40a081108c6cee2833b2b95606e80bbe2d6e846f444b00718b7930b7829663e9
41385bdd87e63df80bd433590b3ec341e26b8b3e3581f82fa0adc036be2f4eb4
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
4360e505f4c5a04c8bbb957c60a066c269b4b6356696571615c0a68ba3e9807e
4495cbd0df7f355b7651859e7cd5c3cb8e0b3848b6107148065b439e96336fcd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
456f47f648535481ce10fdbf723b994846b5fb76dba2f337d9bca584fa548045
485d1be278e4f523a0629cb12941d590f165dfb43e9a760cc70a498b5f77c141
4b4a0d0430b249777e04d3c0505da2f43e214a395395ed337f52828f89f9c8c9
4c404e4b9b3f4087d455585b788c8a83a81fe7c6467215cf37ab5f95b9db0fa1
4e0563e7d6eadc52694ff377671f895c5140eadbcc1eaff3ff216efc554c07bc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45
4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d
4f6d30055470558ef743971e7a8ec11c147a90f1b85751226e8465759381b82d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5065b71b1360ab3b292b1e552db38ef46bf94e0511fdedfd9ad6f6a35e86856b
50a4e0777e169413737929577ace740f7f3c6d277a8bd6d825f1acb268c02c7e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52c602c5946d3cd1ae7556ce70fd8a2ba66a53fce5cb40f537aa88987ea7a029
546a11d0edcc677b2609f791b6621f4fd5f346c78d382517c2f18e72feac3735
5800f2ab7d41d8c2917b85c61a643febbb863f672d077201d23d88d6c0874856
586861516f0846ebb35a5163da3f8acf8d3aeed5305dd120efa8a814e3d0a562
5875d4470dbc104eaa00689772ba8b761ac221778907bc99be1fca0c868c04b9
58f258eb0ccbc2351e0877fbeefaa4f014060fb4906c8e3b561782ba7c0df663
5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde
59830e5a090fd0aec722e32f7d97e4d9d5e311ae955613b8f6aeb91aa9bea5ba
59c2155e231c89b02fa88d8ce2a2c1a80395c0b3cb089b183a8e6e3d4bb8bec5
5a079a85e9528627f4c47b354664df047dca5d28e0b30865fcd3585ea457da31
5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8
5d0d1e2b397fa48cbe7ffd04e39601f47ff880bdd71736b05bd132bff4d47dbb
60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045
61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271
63adf76ebbacf70664877daae33e6c801800e109b1d62aa183f3909e07dbac53
65cf2407ec00c747801843dbcc738b1db2a181af6e9fbd726cefa0cf0c93b393
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67cc1db403b43f83b5d02441291a021f39b07128362ff83fa8311db539608b46
683f503a051658b48c8b2d7c0c2d0342a09a3b32a6f4a2caee1ef69f1bf8548b
68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dd31499c688f228d120f95ad8ea056937c3a340ab0c83300a7915f6bd3d3b8d
6e0dd9e4cca29c757d0f6a5e6b5e43bc8d136f48365d864f287c35de6813254e
6f69767bbf7f882292121be2878b1b4211494006e96ae1bd835b15b850e0121f
7054781eb5bf5951dcf248422983959e48f79fa624b36cfd70e1f3bafb1588b3
70f632569c4df6ec4b2776e73f2ad512211d336c7b1d3860f59ab0e3bdef6e0d
747f8be2f5717d771b7aea7cc4f2b542142b661cc81b2bd6ada501b62611d20e
7570cf10f62a37c9d94f00315c0a4d0b350512c7916eb433f87f14fbd4029274
78f5bb68e20f7b815da71a14fde16c42edf703c2a9791fa039cc6d62cab98ce2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a2295dc8699be843b85d3f72772ae839c804e6de68db1cb6c8bd7e4646334d3
7a81497ee50a6e29d6e3d2d4b5ccffedb97b74890cff8f65e2707fd2fa34669a
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8451b93c3f9872bf81872056b8fd3e8076b485266608a073c93fa3ad41963c85
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
863ffece3af30258029cc8755d9dfaf20590cbb0614dd6d76616adb49fc08ab5
8648ee4d446d8ba16cb4056375e4df17b80451ccf2c2c8599e2951da37e7067a
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
890f731ed09f30d934fbf4c9e2f4a8a0460db2a35dd75f2862910fd8dfd5c39f
893f562d4987fa6c08edfa545ba1bac38e5c420c97df526522c8fb81f5e4cbd6
8a39021b31f8ba7212cfb29da6fc5cc453b12896cba9ec63f7d94bf754e45236
8ac6c6b9e03b9ea7205fc51f00c54638695fa0f268e12bcfc164de33a2bdc57e
8add752d99641fa39ddc6d9bff8feec4497f2343330e22ac9eb28de238e32ed9
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8bba1ce8a27578b66b8d8f97b50ba0f114150732cd91e40c286f30923b6c1332
8bfaafb023334750c12012d3a4ff9419c655518ef93f98107a1b0f05c424e728
8e960c32bd5c77e745800b354a8f6a3e129b45ef5285f2efa481ddbe62e67b27
8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788
8fab091cf3806910f9a7e97c1695f94f500281fed37b8a9d03f6707056c0d466
9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f
91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc
92e61775ec7d86ae8f1aecec4d1dc8de7f890b76248e6ff18045a370e0986db0
93541d257fe0e4469d24f97c9639d7f303518515435e740e6bdf34c9619a9447
9377967183cf2d1c20cd8fdefdd0badb24c3c49b1bd64643894bc63a1ef8e01d
9703cee88e48a3844d0b23a29d0517950f0c237f0bf1b8cae95cf6e9f419e6ab
9846a246ce03fb996f0d1cdb319424cdc2fa280dfd2016d8c99dc4bfc44b4b77
9b14921f75443f0da58373b5c64fd934775e2cb46cd6a541d640bc12b48802ce
9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f
9cf56d3bf39e9edb72fa20d4367a8c1ee7d9da15a70a3a0cba465e2e12058d5d
9d02c18f78ec502bc86949e916f78338a176bfdf8fbfda6f10ef1c4cb868d7d0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a205d27d1c6871cf44e28d10d78c3f41bf88edd6b16a651a4ce54e1997906459
a29edc6ce037f547367624f31d091bad2479e96cc965ee2cf6e480069c5d66b5
a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639
a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2
a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4
a6fa4efdd9f0afa5edc06cf38669f23c221924b6a480f85a9c5aad242017be07
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952
ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad3d3c7d9b8dc8cecbf291496c2627e082ff3217cb5b1073d0fad3de92a3bc4b
ad6ea7b0d66e9bbcefa8a7c6faff864d077cfc535a3539c708bfb7b16fcd085d
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4676763b1f597bc91626752b65f657e1b29810aff46c13e9246b05442eb7913
b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59
b5c7fc2d26f0c457f2f9e8b089af4ce9c3cd3affca1a179da4e12770f5632c67
b656cd7081652f3b931be60b2b32c8a9dce19cb3acb7bf946f2396d8d84b14b2
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
ba11eea95fef1d76915bc44e3e2710d0a52d9da4f1eaaefeff37a6162f8fd0ef
ba1fad2e527d9a21b5a176633d21ce76fb67ceef7ffccd19e3a0d08d57bdf6e7
baa2be96f5a753ef50880c796ff60b64d381c8964cd8bbb2adc853de7ca29eb9
bc5eb5b13a5b85f6abae61997f4adf5ebf027a68fdf35d2c5481326aa888b9ee
bd6138dde6b4ab04fd8d41eeb59a9074377109f6a6d9acf080f1d1051654d80a
be24d70b929fc6c61632626fa9c204dd981407a6932bf93e83ee57b508485ecb
bf93ecaa77e87eb6545f45af92415796a578c03c3ebb07168ec6f3f79b721981
c022524907e72c1c4ba74f41a776756c0ca474f72878d43bb3bb7353e412453e
c0fd0e3f4544145c8b73ead2b742521c858628fec1a3f693bb1fc0fcfc90bd31
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4
c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb
c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c6f55743ea2b0c875538ff0edd6fd97c00c7722b50105e06d0ca0bee32d0344c
c737e2159fdf3d4f1c8630bc34285e55cf0daa3ff30c976954beac04ba97e391
c9f09aa088b2fc4ad414da9bd46e54799a5573a2fa8d56aec7b9020ddee7f315
ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce4abb1179843f3509c562e4d3fb3d9c54b785a86b78af67266cbf0a5be12c83
ce529eb4c1b859dc5cdd90e34f8fb71e350a59a55fc4b3cbdaa2212e1a0b6b61
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d761917d168cd53be7856e7ae886e2e4c238bab25338dd5cbcb8cfbc0f8ec6
d10b51032596c08f0871314c0b25101733ed056d995a43474baf2d3a06560fdb
d3f9dba43caac17e172315e0f2499f0dfb6c39a5a417a1cd9a2d8254d894f0af
d69360449083669eebe0d795811894078d279c640f7e3c699abc094a0c2af5b2
d6a296a4707a1b770416f1e9a2965e80ff9a1d03faeb84fe33cc22f7e6398c03
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb
d80fbbe2dd4c42772056b7829ea3fc5972fb46a869f1189da29ac414039f6617
d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d9bd32e2df8a0a392412c19dae13c308260669be5cc6e0c0a6c177637dac8658
da13034c9cc2b23b6faac55d3d789a9803b06b52c50ba8fbdc8a219b8d693f1f
da16d21540d506f4d5f8a1d94e8403058bb48cea5a0222d37594a3b698601ede
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
dbefcdaaf15e62326e609afe9680b60d63f41ea0b18076718004039da7620c83
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
deaee4eecb23f7ed8bb1c5dda80bcf6b71419b47441cad9c32090de442a375d6
debb712196d5cadeea88c64b0c3364265abdee5035a71c65ac9172ccdd8250b8
df4af85817b7789170c0e43a297b07f6765b896b49b3e7f5691a46b944605505
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67ee82a084f79907eae673d637853d931d9cc60fc6c8d624db5da52fd9a5c46
e75f593db8c7a39b4be3017873d9c9e66c35a8cdd101e028ece84abaca9793a1
e87735af54fe542a92f75c56eb5061d6636fdb413a009299ec36e6f89fd0078c
e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7
eb12d51c756b64a9e09b689e64b142974ba3776c596fd4f548990702cd230d32
eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a8d1efba700909c8dd09504eca8f57fc3d2cb22f0f40c446559262f96782c
ef79d1e96c1ee39b0731aa1a5c9c8c723ae64d3e76388c86339ab7dca2ba745a
f0608209d5bbfaf3f143c23e1bb7ad9f0e710b665b7b1c3deaa53108f736530c
f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15
f3062ed2ae11c1e888bf3e68ab965378e197c80e5cf46a52475ecedb4bc4700d
f32d186fa93956e4f34f294de3a0ba24afec2d3e1b856b237f93cfa4b0512f5e
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f90ceebf380dd2738a4b0bae725ca5ccc940bde85d73c64e62d462fd1b8cc134
fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9
fc48942091de2e8308efd06482aa8f071e8b9d575a22e231247979b7f45d2eb9
fca42514479097e64040f72f944b9661029139dedbe3293d72b6f079dedc5aee
fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251
fd3c5e931997685edd6b40a5aaee81c19cdcbeba459fa44aa09137d75b2bcf63
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ffaaefe0cbf4e49f66e58bf7e431e6f214b1b722ddc8d92f5825f79ac7c1b686

vip.disksusiangka.info Open in urlscan Pro 172.96.191.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

2777 Requests

92 %HTTPS

25 %IPv6

91 Domains

118 Subdomains

70 IPs

9 Countries

580755 kBTransfer

636695 kBSize

131 Cookies

50 Outgoing links

Redirected requests

2777 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 53 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vip.disksusiangka.info Open in urlscan Pro
172.96.191.134 Public Scan

Screenshot
Live screenshot

Full Image

2777
Requests

92 %
HTTPS

25 %
IPv6

91
Domains

118
Subdomains

70
IPs

9
Countries

580755 kB
Transfer

636695 kB
Size

131
Cookies

2777 HTTP transactions
53 data transactions