garansitombak.cfd Open in urlscan Pro
2606:4700:3034::6815:5449 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://garansitombak.cfd/
Submission: On November 02 via api (November 2nd 2024, 5:01:05 am UTC) from BE — Scanned from DE

Summary HTTP 170 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 170 HTTP transactions. The main IP is 2606:4700:3034::6815:5449, located in United States and belongs to CLOUDFLARENET, US. The main domain is garansitombak.cfd.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.

This is the only time garansitombak.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:5449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
105	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
9	103.253.144.208 103.253.144.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.248.147.63 104.248.147.63	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
8	95.111.192.140 95.111.192.140	202053 (UPCLOUD) (UPCLOUD)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
8	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
13	13.35.58.16 13.35.58.16	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.130 172.64.151.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.213.161.204 23.213.161.204	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	157.240.247.8 157.240.247.8	32934 (FACEBOOK) (FACEBOOK)
2	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	157.240.247.35 157.240.247.35	32934 (FACEBOOK) (FACEBOOK)
170	15

1 2606:4700:3034::6815:5449 (United States)

ASN13335 (CLOUDFLARENET, US)

garansitombak.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

105 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

file001.nxtengine.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.253.144.208 (Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: sgp1.digitaloceanspaces.com

amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.147.63 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

gambarmanis.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.111.192.140 (Singapore)

ASN202053 (UPCLOUD, FI)
PTR: 95-111-192-140.sg-sin1.upcloud.host

nextgen.sg-sin1.upcloudobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.nextgen.sg-sin1.upcloudobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user-upload.aws-s3-r1r2str0bjx.sg-sin1.upcloudobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.35.58.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-16.fra60.r.cloudfront.net

p670ty4f35.gcdikeagzb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.130 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

app-a.cdnlogic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.161.204 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-204.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.247.8 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-ams2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.247.35 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-ams2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
105	nxtengine.net file001.nxtengine.net — Cisco Umbrella Rank: 406788	3 MB
13	gcdikeagzb.net p670ty4f35.gcdikeagzb.net — Cisco Umbrella Rank: 509870	1 MB
10	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 10512	17 MB
9	digitaloceanspaces.com amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com — Cisco Umbrella Rank: 630373 lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com — Cisco Umbrella Rank: 684151	11 MB
8	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	5 KB
8	upcloudobjects.com nextgen.sg-sin1.upcloudobjects.com — Cisco Umbrella Rank: 611245 img.nextgen.sg-sin1.upcloudobjects.com — Cisco Umbrella Rank: 707809 user-upload.aws-s3-r1r2str0bjx.sg-sin1.upcloudobjects.com	2 MB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	85 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
2	gstatic.com fonts.gstatic.com	35 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	cdnlogic.net app-a.cdnlogic.net	69 KB
1	gambarmanis.xyz gambarmanis.xyz	6 KB
1	garansitombak.cfd garansitombak.cfd	15 KB
170	13

	Domain	Requested by
105	file001.nxtengine.net	garansitombak.cfd file001.nxtengine.net
13	p670ty4f35.gcdikeagzb.net	garansitombak.cfd
10	blogger.googleusercontent.com	garansitombak.cfd
8	www.facebook.com	garansitombak.cfd
6	lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com	garansitombak.cfd
5	connect.facebook.net	garansitombak.cfd connect.facebook.net
5	analytics.tiktok.com	garansitombak.cfd analytics.tiktok.com
5	img.nextgen.sg-sin1.upcloudobjects.com	garansitombak.cfd
3	amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com	garansitombak.cfd
2	fonts.gstatic.com	fonts.googleapis.com
2	nextgen.sg-sin1.upcloudobjects.com	garansitombak.cfd
2	fonts.googleapis.com	garansitombak.cfd
1	user-upload.aws-s3-r1r2str0bjx.sg-sin1.upcloudobjects.com
1	app-a.cdnlogic.net	garansitombak.cfd
1	gambarmanis.xyz	garansitombak.cfd
1	garansitombak.cfd
170	16

This site contains links to these domains. Also see Links.

Domain
bintanggaransi.cfd
www.facebook.com
download899.com
206.189.58.16
209.38.17.237
170.64.228.41
wa.me
t.me
www.instagram.com
www.youtube.com
www.tiktok.com
x.com
direct.lc.chat

Subject Issuer	Validity	Valid
garansitombak.cfd WE1	`2024-10-29` - `2025-01-27`	3 months	crt.sh
nxtengine.net WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.sgp1.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-12-17`	a year	crt.sh
gambarmanis.xyz R10	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.nextgen-internal.sg-sin1.upcloudobjects.com R10	`2024-10-18` - `2025-01-16`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
nidnwatvde.net Amazon RSA 2048 M03	`2024-07-11` - `2025-08-09`	a year	crt.sh
cdnlogic.net WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-11` - `2024-11-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
06c24599-3fa2-4fa9-a0d1-730e5bfddb6b.sg-sin1.upcloudobjects.com R10	`2024-10-09` - `2025-01-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://garansitombak.cfd/
Frame ID: 74506C76585F0AE6BC14B4A16320799D
Requests: 170 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GARANSI88 - Kumpulan Daftar Permainan Online Resmi Terbaik dan Tergacor - GARANSI88

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

170
Requests

100 %
HTTPS

27 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

35629 kB
Transfer

36860 kB
Size

5
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://bintanggaransi.cfd/launch-pragmatic/vswaysmahwblck

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/garansi88cuan1
Title: GROUP LOMBA FACEBOOK

Search URL Search Domain Scan URL

URL: https://download899.com/garansi88/grs88.apk
Title: DOWNLOAD APK

Search URL Search Domain Scan URL

URL: http://206.189.58.16/

Search URL Search Domain Scan URL

URL: http://209.38.17.237/

Search URL Search Domain Scan URL

URL: http://170.64.228.41/

Search URL Search Domain Scan URL

URL: https://wa.me//+6282311746331

Search URL Search Domain Scan URL

URL: https://t.me/CHANNELGARANSI88

Search URL Search Domain Scan URL

URL: https://www.instagram.com/garansi88ofc/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCi29nJpAWI4F2g2zlU-vlUQ

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@garansi88ofc

Search URL Search Domain Scan URL

URL: https://x.com/garansi88o14588

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/16827207/
Title: Live Chat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

170 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
garansitombak.cfd/ 109 KB
15 KB 312ms
233ms Document
text/html 2606:4700:3034::6815:5449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65ccf52ad521bcb2f74c9102405cc71ad591859465fb2a35c10b54cb04c122e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8dc18ff2fbe62a6a-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Nov 2024 05:00:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2Mut%2FawSoGf5%2FRGt09CauWYzvwSqoddTy%2FZaug7XbfUdD4m%2BnUbb%2BE%2FExwi%2F8YCxpcjiJiv4QQizK4Zh%2BnTukKufX8hwvU1GGB3vwcaja2gnXGsX7911zGgawRu09ePYl1ZZVmR%2FuVp7PSSTR7z0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=14138&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3914&recv_bytes=2289&delivery_rate=265217&cwnd=206&unsent_bytes=0&cid=ded1e9d1907fccae&ts=241&x=0"
vary: accept-encoding

GET
H3 200 theme-3.0.css
file001.nxtengine.net/nxt-panel/css/ 230 KB
31 KB 77ms
43ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/nxt-panel/css/theme-3.0.css
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b418d8943c8b39baa7776b86f35c391a3ecaf1c9bfb4166a93524ada793977

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-3989a"
age: 6178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9w3WElvb7CGbUCF352r9AVjSRlFPSsd6Bth1oBH7C8yo4IZ3Rm3addR%2BJqb0mX5vtY9OTwVNEhvv3mVxHx2dpYYe%2F9kYyNkp7ydUrFmyEgpZgxahd%2Fkldjac43ocPsIHebW%2BcXpjSyM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=36&x=1", cfExtPri, cfHdrFlush;dur=12
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b8fb02b5-CDG
server: cloudflare

GET
H3 200 bootstrap-icons.min.css
file001.nxtengine.net/open-src-pub/bootstrap-icons/font/ 84 KB
14 KB 76ms
42ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/bootstrap-icons/font/bootstrap-icons.min.css
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"663331c8-14f73"
age: 2106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0p33gUcj0Ql2YrjYJVwSbYG7Plo5CVDycpSR5XKrT6gFygxoHi0XZNBCkzPdk7TRnlNPqcfA5Z6s3ElMxij9lWnz5ENHg5w4fJcyWmbTINeEJ0y7DEHMWMWn%2F0FyI8frGGK7qLBDDU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=35&x=1", cfExtPri, cfHdrFlush;dur=13
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css
last-modified: Thu, 02 May 2024 06:25:12 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b8fa02b5-CDG
server: cloudflare

GET
H3 200 all.css
file001.nxtengine.net/open-src-pub/fontawesome/css/ 135 KB
22 KB 74ms
41ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b036af4bf83bdf1f13df4ef3560a2f4e27201f42feb54c73f336a7a40825a8ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-21abd"
age: 5013
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQEMEXToGg7VTRTwdSUE8XM8pNAqWmCSRoEVzpljEZCiCK3nF7umi%2F8PiNqpnlMIYADM72%2B8FGokjGVR7DFvBNecfNfdad8tcZNZd3R6447KjuvO2cxp8%2BOK8DqDzuguMxcXqm5LBWs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=35&x=1", cfExtPri, cfHdrFlush;dur=13
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b8f702b5-CDG
server: cloudflare

GET
H3 200 owl.carousel.min.css
file001.nxtengine.net/open-src-pub/owl-carousel/ 3 KB
2 KB 76ms
43ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/owl-carousel/owl.carousel.min.css
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-d17"
age: 1995
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FC1OkkQbuvCNs4FOux4%2BWwZzkq0rOPqp%2FgS0n7omZic1PZw5iPnsHcmz%2BEgMI4ioQriJO2mkjhQG%2BlU6BEBFTMmJKqHICAPSETVJO91rwo%2F2PTpTK0GGxzmTXfxIcbm09KKVLtjRs0U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=34&x=1", cfExtPri, cfHdrFlush;dur=14
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b90002b5-CDG
server: cloudflare

GET
H3 200 owl.theme.default.min.css
file001.nxtengine.net/open-src-pub/owl-carousel/ 1013 B
1 KB 110ms
77ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/owl-carousel/owl.theme.default.min.css
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-3f5"
age: 5965
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0P%2FDqXsilQsezPpokfEibbOIeH7czXtrEAxcvYJDZYn60yRKeLhSWbr105lHOkg1UB4%2FxZC%2BPaROmMUDdWXY%2BsHsatCjgR6hXzSvmPu92lRlM49vSiVxHSaCVXmVxW9Pzl65Hee32Sg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=35&x=1", cfExtPri, cfHdrFlush;dur=28
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b90902b5-CDG
server: cloudflare

GET
H3 200 default.css
file001.nxtengine.net/nxt-panel/css/ 5 KB
2 KB 108ms
75ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/nxt-panel/css/default.css?v=1.0.3
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2313bf47fc5c4e50bd62fffdebe164d15b1a5463429acfdcc0d3836ab5ceae39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-1379"
age: 2074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuPMQC7bcfmbT88Y3Q87rxzbzX%2BeS0FMe6NIWgXNoOquaG%2Bu%2Bgk0TExX05Cc6qEn%2FJyO15QfYUjO6els%2BiyC7xAYuqRMbckD9sz2AOebjgHfypugtwtBzQsrH3CLdWusnWFz9WfY3iY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16197&sent=23&recv=19&lost=0&retrans=0&sent_bytes=16155&recv_bytes=7593&delivery_rate=36526&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=39&x=1", cfExtPri, cfHdrFlush;dur=24
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b90802b5-CDG
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 60ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Exo+2:wght@700&family=Saira+Condensed:wght@600&display=swap

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8d3848c674fc28e09551c62fb392077675c7a489efa3e7487ab2671be990ba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 05:00:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 02 Nov 2024 05:00:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
706 B 61ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 05:00:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 02 Nov 2024 04:55:27 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 bootstrap.bundle.min.js Show response
file001.nxtengine.net/open-src-pub/bootstrap/ 76 KB
24 KB 122ms
90ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/bootstrap/bootstrap.bundle.min.js
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6632e5e6-13131"
age: 2074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZmQ5lbf%2FyBgDTR%2B%2BGh8H%2Fej8En1bWAifq7fkcX7CPtsGyHNoH0YCk0yGFMHlHXMcKKzqmKVG3YjJyPEDtA3NRrjR32rDksS4PH36pBzKNrlg1M5vTo1QsZFmvSb5mCimW4uBOrwLMY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=36&x=1", cfExtPri, cfHdrFlush;dur=27
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/javascript
last-modified: Thu, 02 May 2024 01:01:26 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b90402b5-CDG
server: cloudflare

GET
H3 200 jquery-3.7.1.min.js Show response
file001.nxtengine.net/open-src-pub/jquery/ 85 KB
31 KB 75ms
44ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/jquery/jquery-3.7.1.min.js
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"28feccc0-155ed"
age: 2077
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BgBogr3WJq5hsNb78qG2d8y5DuTc5oeHmlZPZCRTRxvb9N99SK90lt0ixdQFJw6hKVwBt7hSAReWG1mh7LnAlgZa9VSQsDojhwCMN%2BZsxfe%2F57ZEHY2WUHd9dcq6nEVPIR7Xa0Iwh8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=35&x=1", cfExtPri, cfHdrFlush;dur=13
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/javascript
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b8ff02b5-CDG
server: cloudflare

GET
H3 200 ui.js Show response
file001.nxtengine.net/open-src-pub/nxt/ 16 KB
7 KB 111ms
79ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/nxt/ui.js
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 946ec1d55630578c71de414775f86d627e2ecb77b3be15101707929eea9ff2e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65a379cb-3f2b"
age: 2821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y2l%2F0NDMSwSdP5ybb4NkCSiAaJeP0AdY485NucIqe5HVFRNW0Ke94gYyd54xT1iN%2B0jBJNpxbigWwO7UtGQ0ZpWfeldu%2F%2B4EbF39zySo5D9ZDmFwLQyPfShvnB1qhRv16bNed5QiLTs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=33&x=1", cfExtPri, cfHdrFlush;dur=15
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/javascript
last-modified: Sun, 14 Jan 2024 06:06:03 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b90202b5-CDG
server: cloudflare

GET
H3 200 utils.js Show response
file001.nxtengine.net/open-src-pub/nxt/ 2 KB
1 KB 122ms
90ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/nxt/utils.js
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43b94d3d3c6f9de2521534cd141d5c8bbe90f0b3a90098048d4b84fd2c6bc5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-7bc"
age: 5214
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FRzt6hdDOSBYBAFhM95tmDQ%2B0vTbdzz7MMRqZzn4qsWDez4Q7IAFELnt49NXZmWBl5ttIo2ZohQWf%2FSaMNWaO%2FtnwBt2AgFD2EjlPkwqyZrx452k%2F7wyld2l4vDXyimfFhmDkYTGZY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=22&recv=17&lost=0&retrans=0&sent_bytes=15578&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=36&x=1", cfExtPri, cfHdrFlush;dur=27
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/javascript
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b90702b5-CDG
server: cloudflare

GET
H3 200 owl.carousel.min.js Show response
file001.nxtengine.net/open-src-pub/owl-carousel/ 43 KB
12 KB 57ms
25ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/owl-carousel/owl.carousel.min.js
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65b64b80-ad36"
age: 2821
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHotfhz4CH5dhcgFR7BmadTQCaBFqR1r8hjhBpOQsBpeoeJNbLzfbNE48iktsIdv09OIOsbtrdTz7AdKknklIDjLmbwguKDkAzzbWk7i%2BGYRO7M17lOqsWcQ1j4SjPr0UQFCh%2Fh8O1U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16307&sent=12&recv=17&lost=0&retrans=0&sent_bytes=4155&recv_bytes=7503&delivery_rate=179643&cwnd=12000&unsent_bytes=0&cid=0082a9776fa78872&ts=32&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/javascript
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff4b8fd02b5-CDG
server: cloudflare

GET
H2 200 button.css
amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com/share/ 4 KB
4 KB 539ms
184ms Stylesheet
text/css 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com/share/button.css?v=20231129

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

eb21bdeb7f1199cb532f98b6fa229dadc40131e48be14cc1ca8451ad25ebaa15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
x-amz-meta-s3b-last-modified: 20231129T032329Z
etag: "0df0abf2b3dbc0a968397bbd452c7999"
x-amz-request-id: tx000008a414e1b61daffce-006725b1f9-3f43260d-sgp1b
accept-ranges: bytes
content-length: 4015
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Wed, 29 Nov 2023 03:23:50 GMT
x-amz-meta-sha256: eb21bdeb7f1199cb532f98b6fa229dadc40131e48be14cc1ca8451ad25ebaa15
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css

GET
H2 200 downloadapk.css
amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com/share/ 1 KB
2 KB 539ms
183ms Stylesheet
text/css 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com/share/downloadapk.css

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

7bc2713e7c09a8e1bfecc9e06056e661c931b78b124cf3d69ddba78aae02737d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
x-amz-meta-s3b-last-modified: 20231129T024803Z
etag: "75d314cf09e6cea8af2422d2f02cf060"
x-amz-request-id: tx00000eeda6302cbceef01-006725b1f9-3f435739-sgp1b
accept-ranges: bytes
content-length: 1190
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Wed, 29 Nov 2023 02:48:24 GMT
x-amz-meta-sha256: 7bc2713e7c09a8e1bfecc9e06056e661c931b78b124cf3d69ddba78aae02737d
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css

GET
H2 200 inject.js Show response
amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com/share/ 2 KB
2 KB 539ms
184ms Script
application/javascript 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com/share/inject.js

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

40838675b2a634b0d94eced8e04a68fb66ff18b44116c640b041bd1a266bd7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
x-amz-meta-s3b-last-modified: 20240512T153640Z
etag: "3ac9b741e055f987f5888afa23f6543d"
x-amz-request-id: tx000009230d7ef40a05b3a-006725b1f9-3f437eef-sgp1b
accept-ranges: bytes
content-length: 2144
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Sun, 12 May 2024 15:37:08 GMT
x-amz-meta-sha256: 40838675b2a634b0d94eced8e04a68fb66ff18b44116c640b041bd1a266bd7e4
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript

GET
H2 200 messege.js Show response
gambarmanis.xyz/investoto/ 19 KB
6 KB 634ms
175ms Script
text/javascript 104.248.147.63
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://gambarmanis.xyz/investoto/messege.js
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.248.147.63 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: 503b9f69d5efa0fa1843f008a8a5a44d2315ea0437a204687854a7d75dc4805d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
etag: "4cac-61e63b1fce340-gzip"
accept-ranges: bytes
content-length: 5812
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Mon, 29 Jul 2024 14:29:57 GMT
vary: Accept-Encoding
server: Apache
content-type: text/javascript

GET
H2 200 garansi88.gif
nextgen.sg-sin1.upcloudobjects.com/img/brands/r2/ 431 KB
433 KB 538ms
169ms Image
image/gif 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nextgen.sg-sin1.upcloudobjects.com/img/brands/r2/garansi88.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

fc5e9c92edb5fd07305c5ae51c4e51f2117d4f5d1f8c9a5ded67d9b7aa1fa7b0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: fc5e9c92edb5fd07305c5ae51c4e51f2117d4f5d1f8c9a5ded67d9b7aa1fa7b0
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20231202T160827Z
etag: "3c5a14103cca637c5de7a3c4dedc774c"
x-content-type-options: nosniff
x-amz-request-id: 18040E154D5BA848
accept-ranges: bytes
content-length: 441669
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Sat, 02 Dec 2023 16:12:58 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H3 200 home.png
file001.nxtengine.net/open-img-pub/nxt/category/ 3 KB
4 KB 395ms
392ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/home.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e1b594a56de38349cf125bb1fc77b9bfdd06a0a3eaf27bac4c17909410380b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "6428095b-cb8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2F2jV54ZRGwo0jSkxpe2jifzxbvq9wUlYuSBCVmx6ZTqA6Bt6PR9tHYUPbIUkMxHFRscEj1iGDLtr%2BjJsONGTWvqjEaID3iVFHr%2FxUMJ26I%2F%2BD5H015J0Rv54rmPKvjpy7ZhtyLNztk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=2977&recv=413&lost=660&retrans=660&sent_bytes=3327321&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1004&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 10:37:15 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff88b6602b5-CDG
accept-ranges: bytes
content-length: 3256
server: cloudflare

GET
H3 200 slot.png
file001.nxtengine.net/open-img-pub/nxt/category/ 3 KB
4 KB 374ms
369ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/slot.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deda218066b005f45720158a559b8a2dae3556ad053a73756503572b1781c49a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "642800fb-ce2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZJCcTOQKg8Mp1RqhLjXXrRkNE3OFKs8fbXsTD1emscm2sFsXJqLUGxwCioahvCo06y5lBG6WmsJoHhLhYteZYtKd2uSBMZRfRaVu93mCY3KivK8JHuYIaUnXOThFNYiof53EZU9h9M%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22865&sent=2902&recv=411&lost=660&retrans=660&sent_bytes=3241716&recv_bytes=55394&delivery_rate=165185&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=982&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 10:01:31 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff88b6b02b5-CDG
accept-ranges: bytes
content-length: 3298
server: cloudflare

GET
H3 200 livecasino.png
file001.nxtengine.net/open-img-pub/nxt/category/ 4 KB
4 KB 375ms
369ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/livecasino.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a88a23e00f6f1f4898e868878a91c2efeddd4775b982735186c32ab64361ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "64280000-ee7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qsBx%2Fl%2BVk3hCvm68SSkyslLhvnera0UdHGHcY27mN1qM18Y36DhlHtq3SOs9mUPgrsbWvdL9vipOUZEb8oomBzj%2FV8KJQrrBnr73dPf59whoI4pJa6HMibDSg%2FNbT9n2fFG5cGJOVFU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22865&sent=2898&recv=411&lost=660&retrans=660&sent_bytes=3237136&recv_bytes=55394&delivery_rate=165185&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=981&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 09:57:20 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7002b5-CDG
accept-ranges: bytes
content-length: 3815
server: cloudflare

GET
H3 200 sport.png
file001.nxtengine.net/open-img-pub/nxt/category/ 3 KB
4 KB 340ms
333ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/sport.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f5b834d95387cdabcc7406fc5bdf59d274e44b1cb2c98f685f1a6ec73e53de0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "6428011a-dc8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9IL%2FIYddBPM8%2FKuVvVFUtIt4Zt4zaz8iEMfqJfx7CNdZxVza1U0UlEwhgYkJLq97rVwZggecCdDJBXOItrxZkOMqIXwNYfewNw9M1faQH0%2FTNJG8debb936mZQkNNtlSJzrSxOvY%2BE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24897&sent=2887&recv=409&lost=660&retrans=660&sent_bytes=3226506&recv_bytes=55304&delivery_rate=625303&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=954&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 10:02:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7302b5-CDG
accept-ranges: bytes
content-length: 3528
server: cloudflare

GET
H3 200 togel.png
file001.nxtengine.net/open-img-pub/nxt/category/ 3 KB
4 KB 377ms
369ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/togel.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a39eb42f1072d40abde1c3ece7cb0bb0c0280c1d18e2be7c6bcb2cae0a1379

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "64280146-d93"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Pp4V84CmxzUDdZmbc%2F%2B%2BECgDYNj0t1aUmh3WOSDO6NQTu6brClj4%2B25vnOwp2P2iFvZBZJQQ4D4v4ZSZq%2F%2FZiBPcwnNDV%2FLtFN84ajxrmf0jlbiqwJfzk2eDQspKXXFtt2FKj4kPpA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22865&sent=2906&recv=411&lost=660&retrans=660&sent_bytes=3245775&recv_bytes=55394&delivery_rate=165185&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=986&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 10:02:46 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7502b5-CDG
accept-ranges: bytes
content-length: 3475
server: cloudflare

GET
H3 200 table.png
file001.nxtengine.net/open-img-pub/nxt/category/ 4 KB
4 KB 40ms
32ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/table.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fad94fd4e092e114357f80fed301b21679ea04536e2988a79164d83f8821561

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6487335d-ef0"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P7tPxoWl1qQqO8dQ1sqU%2F%2Byp6kUlzYvDFZSvT4gUYLCjkrYpHQDYQb5lR2mFgatuZX4ycfCGTQRCQMcy2zfMF6q7gWc9RPnxdXw9PjY0PwsJCvRUTpgshGpEH%2BvAFDpB9B7oCnOxkYg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17403&sent=167&recv=82&lost=0&retrans=0&sent_bytes=158453&recv_bytes=13503&delivery_rate=3514031&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Mon, 12 Jun 2023 15:01:49 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7802b5-CDG
accept-ranges: bytes
content-length: 3824
server: cloudflare

GET
H3 200 fishing.png
file001.nxtengine.net/open-img-pub/nxt/category/ 5 KB
6 KB 41ms
32ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/fishing.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8147e11a6b921addff5671469c94f987baa1fe8e468739e2394f38e7b960436f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "64873339-13e2"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gvl6bhd6EWCJZoLYi2a2CDYWeBgPBvreQp%2BHHMLFwpOj9i%2Fc%2FbAWtKsaCDIzGE7wZeq3wLkCB6YhYcVMI30o%2BziiB4Dv0W%2BU%2FZ25DQ5pKKvLXfW2rJsu3%2Bf87dUFzjRQNP8ADHxy%2BtU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17403&sent=171&recv=82&lost=0&retrans=0&sent_bytes=163042&recv_bytes=13503&delivery_rate=3514031&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=652&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Mon, 12 Jun 2023 15:01:13 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7902b5-CDG
accept-ranges: bytes
content-length: 5090
server: cloudflare

GET
H3 200 cockfight.png
file001.nxtengine.net/open-img-pub/nxt/category/ 5 KB
6 KB 75ms
65ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/cockfight.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ca70b23852468d475609f1e322ac24a6e54d51aba563e3747bdcad571b5214

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "64873321-13ce"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNwLyKZ3XD3C4sMKj5eGVtjIQBPJkgCRT%2FDLr9BbHLTVpSkgXPzPVBQv2du66QFp9fGuqajbSrx2%2FXw1EpyrBF43w4Bq79o%2BhPUJyFnHgl4tiMsOw7TAxsemVWH6B2UPtadMB4gxFG8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=16
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Mon, 12 Jun 2023 15:00:49 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7b02b5-CDG
accept-ranges: bytes
content-length: 5070
server: cloudflare

GET
H3 200 arcade.png
file001.nxtengine.net/open-img-pub/nxt/category/ 5 KB
6 KB 66ms
56ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/arcade.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 925759777ebc944ad06902a96a1cf03b053eee689247212ecfa7da36b6a28c18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "642802d4-13c8"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NVhpWhjQH%2F4JBy%2FDsitxyJ5b2MrbNbUKxfSKNKHKxNnFadC5Qvs5F%2FazUXxFi%2FqisCw%2BEc3OjRQ3YlSwFhAyenDV5WbSi49DzAt%2F%2Fy9RN45IVxAMGOozCLGvK4NAa9Y1vxoa%2BZTANlQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 10:09:24 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7c02b5-CDG
accept-ranges: bytes
content-length: 5064
server: cloudflare

GET
H3 200 promo.png
file001.nxtengine.net/open-img-pub/nxt/category/ 4 KB
5 KB 75ms
64ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/promo.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e329ea9d7d0feccd6ad36f5c8b0e9f230fb85fc89b91c528d7f85adc721ad03d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "64280984-11ab"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6HJ54iR8b9CGWlNYUUFmD2Yxkrt6VIsO%2FHRF2WOuQ0cxhxHjTD7l2T3YdRzOaGmJDPKfuZB8NvmwQk7NG%2B0LXeHaI7rV%2FCfIkClx7Q9TW0j11GLL1ZoErCzQ6OtQEtMRDw3lV5tSXo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=16
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 01 Apr 2023 10:37:56 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff89b7d02b5-CDG
accept-ranges: bytes
content-length: 4523
server: cloudflare

GET
H2 200 mega-gacor-icon.png
nextgen.sg-sin1.upcloudobjects.com/img/slider/ 12 KB
12 KB 232ms
208ms Image
image/png 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nextgen.sg-sin1.upcloudobjects.com/img/slider/mega-gacor-icon.png

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

fe68a0ea7c244d4c7eb8718785534c597594e1780062f56e8afbec5f3b0d1db3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: fe68a0ea7c244d4c7eb8718785534c597594e1780062f56e8afbec5f3b0d1db3
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20231003T152223Z
etag: "19fbb80c879d0e841a1f97a15d2df068"
x-content-type-options: nosniff
x-amz-request-id: 18040E155ED6F41C
accept-ranges: bytes
content-length: 12075
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Tue, 03 Oct 2023 15:22:37 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H2 200 POPUP%20SC%20HITAM.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdJsub5-eVWgiH-9XHRvJcFtOOSNjcGqjoagfDMXXCP9KmQRFQp2QfapakZzBBn8Sn6h7rfwtW5MRC0zAsBMIrCQN4FSFydF4HBfuEgYj8uLc1bqj2bokX9SZqa0VbEqss5CT9XKCQJrSWUS8Y... 137 KB
137 KB 505ms
462ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdJsub5-eVWgiH-9XHRvJcFtOOSNjcGqjoagfDMXXCP9KmQRFQp2QfapakZzBBn8Sn6h7rfwtW5MRC0zAsBMIrCQN4FSFydF4HBfuEgYj8uLc1bqj2bokX9SZqa0VbEqss5CT9XKCQJrSWUS8YLa9uS1JHxAx8HeN8zOw5yQsbB0EABlR3IjTeUo5C9M9H/s16000/POPUP%20SC%20HITAM.png

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

17df7def0661c0c4520632cf848e733c886c25c52b689770b088a1e2f3497ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v2cc"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139959
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="POPUP SC HITAM.png"

GET
H2 200 GARANSI%20EVENT%20SCATTER%20HITAM.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQmXARciwtk3guDru-ahR7lSqtr0IZUF3vyAeJaiRTnYhdWImW7I4kkOkunLVKXZxUuhhR8mgv1Fk-OYgLEIKGBtMUhEqvN5FTRD2L6FFSD0ujMPewe0ryKZLVneFcLx8VtZ2IX5RdodA7fdRi... 1 MB
1 MB 462ms
461ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQmXARciwtk3guDru-ahR7lSqtr0IZUF3vyAeJaiRTnYhdWImW7I4kkOkunLVKXZxUuhhR8mgv1Fk-OYgLEIKGBtMUhEqvN5FTRD2L6FFSD0ujMPewe0ryKZLVneFcLx8VtZ2IX5RdodA7fdRiW6KeYuy1nf2VFNGlYFzNT65j4SIq7cgnYXBtyeEDlzCh/s16000/GARANSI%20EVENT%20SCATTER%20HITAM.png

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

88a92b2728ee58c8c5147cbf16a7d757eb14d44d261545948f169254ae8edbad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v2c7"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1260216
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="GARANSI EVENT SCATTER HITAM.png"

GET
H3 200 SCATTER%20EMAS%20BONUS.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2fu2jW3CUNYUUabe3uiOPYzCkKbDJrFAr8nCAmQNWozkYfPszMpi_cnavjBcxIz6To5FiG7ETVoyTI2A3g0RTsDszj60v3eOdzrUkOTi8aAd_OCmJcNwpv007YH40pv2KvkFHDZPA1c34wNgg... 1 MB
1 MB 527ms
525ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2fu2jW3CUNYUUabe3uiOPYzCkKbDJrFAr8nCAmQNWozkYfPszMpi_cnavjBcxIz6To5FiG7ETVoyTI2A3g0RTsDszj60v3eOdzrUkOTi8aAd_OCmJcNwpv007YH40pv2KvkFHDZPA1c34wNggKtvX_NscUxpq3xDAurfiuTj_5a1cprLfwtiYID02s3-n/s1800/SCATTER%20EMAS%20BONUS.png

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

42ceedb4d8796ab9961b9fa99eaffa106198ea604de4d4d749305077c467bb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v223"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1070580
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="SCATTER EMAS BONUS.png"

GET
H3 200 AVvXsEiilO2Ty3BFfx-BuAsEYXcljdJzbhVVjFRYdWPuMI2c3Kz9PQHECQSAbKsG89p1nXth2n4a_AAlW337gwN2Le_c6fvQRlhwxUA1z6gs480fxsXmVvpllduY-Zzrf-n-EvPY_txnkoSuxHvazsuC5l-53iHwF8QBtELuRAcqwYGWnVeD5qn95-hWwsdoXcQZ
blogger.googleusercontent.com/img/a/ 212 KB
212 KB 683ms
671ms Image
image/jpeg 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEiilO2Ty3BFfx-BuAsEYXcljdJzbhVVjFRYdWPuMI2c3Kz9PQHECQSAbKsG89p1nXth2n4a_AAlW337gwN2Le_c6fvQRlhwxUA1z6gs480fxsXmVvpllduY-Zzrf-n-EvPY_txnkoSuxHvazsuC5l-53iHwF8QBtELuRAcqwYGWnVeD5qn95-hWwsdoXcQZ

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

9e417c5b942b5de750e61a459390603e20e48a6dc9c0a05bdd85d5fe44bd2c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v34"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217143
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="selama datang.jpg"

GET
H3 200 JACKPOT%20BANNER%2007.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxrnbqL86qSjxKxvw9A_acShAKTjbao0XZwqgtqnmDbeTaJaZ0V3ndILB_9uXMjSOFhBjr7D6j465gn1sNM6aFyRxjCBaQ1fE7fGdKWkiHBWF5uLKluIcOKpoSRFCDVoA-O3VjyTZjBiOpiyPS... 885 KB
885 KB 371ms
358ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhxrnbqL86qSjxKxvw9A_acShAKTjbao0XZwqgtqnmDbeTaJaZ0V3ndILB_9uXMjSOFhBjr7D6j465gn1sNM6aFyRxjCBaQ1fE7fGdKWkiHBWF5uLKluIcOKpoSRFCDVoA-O3VjyTZjBiOpiyPSH3w8XTTXyltNWilVQf6xAHkhbp8i5GcNJ1SKVRMQi2-c/s16000/JACKPOT%20BANNER%2007.png

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

1683e78b2a506e35c314d9b61e7eb6a5d5582a63c95e1c555a0dbfe27da48137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v1a7"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 906316
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="JACKPOT BANNER 07.png"

GET
H3 200 HADIAH%20TOGEL%203D%20TERBESAR.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3J709AL2Dipq1LrpLrAUnCDmH4rgukutrGYsnArCFPny7gSBwJm1SPNS9-DwWn7RgXOJBemKPrIBLRnsK0KXk6aRU4byzUAhN-w6cKHEOst-A2QobUrrysY0AxQ66EEYHtHhiybPV0vDAikuc... 846 KB
846 KB 503ms
490ms Image
image/jpeg 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3J709AL2Dipq1LrpLrAUnCDmH4rgukutrGYsnArCFPny7gSBwJm1SPNS9-DwWn7RgXOJBemKPrIBLRnsK0KXk6aRU4byzUAhN-w6cKHEOst-A2QobUrrysY0AxQ66EEYHtHhiybPV0vDAikucBBEuRgtVaYbliMOImh_TsRaJc5t0UTuRH3slBPMSMa9m/s16000/HADIAH%20TOGEL%203D%20TERBESAR.jpg

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

38ed327bf8d2a90f8f65aefbbbddc47821dd0aefcefabcc73c63b22512b22b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vf5"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 866483
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="HADIAH TOGEL 3D TERBESAR.jpg"

GET
H2 200 GRS88%20RTP%20SLOT-1719319523039.gif
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/ 2 MB
2 MB 1357ms
1333ms Image
application/octet-stream 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/GRS88%20RTP%20SLOT-1719319523039.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

a2d25b608653dc29b0da6c65528e64eda62c84a6170680820574860f86efa9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "c9202561ee8f0dbf19192cfc3104d4c2"
x-amz-request-id: tx00000ec0955ec81aea01c-006725b1f9-3f43260d-sgp1b
accept-ranges: bytes
content-length: 1878971
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Tue, 25 Jun 2024 12:45:23 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 GRS88%20TOGELgif-1719319624562.gif
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/ 2 MB
2 MB 1681ms
1658ms Image
application/octet-stream 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/GRS88%20TOGELgif-1719319624562.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

f1c732abc1f4fbe853b5a6aeeaa0528d1fd13c329b34947ffd6f60712d2bb4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "9bed601272422bcc3ea9425e67bd4108"
x-amz-request-id: tx000007ea822ef267c71e4-006725b1f9-3f435739-sgp1b
accept-ranges: bytes
content-length: 1957056
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Tue, 25 Jun 2024 12:47:04 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 GRS88-JP%20%281%29-1719319698554.gif
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/ 2 MB
2 MB 1146ms
1122ms Image
application/octet-stream 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/GRS88-JP%20%281%29-1719319698554.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

d6c3175eb0b77ba29030a56de980cc087386e8de6aae93b6160624a6017b3e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "d6c16538892602e9bf6dd05b9e81ddf4"
x-amz-request-id: tx00000e6b94b0c02fa9444-006725b1f9-3f437f7b-sgp1b
accept-ranges: bytes
content-length: 1883518
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Tue, 25 Jun 2024 12:48:18 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 GRS88-JP%20%281%29-1719319695962.gif
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/ 2 MB
2 MB 262ms
238ms Image
application/octet-stream 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/GRS88-JP%20%281%29-1719319695962.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

d6c3175eb0b77ba29030a56de980cc087386e8de6aae93b6160624a6017b3e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "d6c16538892602e9bf6dd05b9e81ddf4"
x-amz-request-id: tx00000223e14b82a8ccb9b-006725b1f9-3f4360c5-sgp1b
accept-ranges: bytes
content-length: 1883518
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Tue, 25 Jun 2024 12:48:16 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 GRS88%20TOGELgif-1719319617293.gif
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/ 2 MB
2 MB 1133ms
1110ms Image
application/octet-stream 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/GRS88%20TOGELgif-1719319617293.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

f1c732abc1f4fbe853b5a6aeeaa0528d1fd13c329b34947ffd6f60712d2bb4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "9bed601272422bcc3ea9425e67bd4108"
x-amz-request-id: tx00000acb78f925b8a3633-006725b1f9-3f435595-sgp1b
accept-ranges: bytes
content-length: 1957056
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Tue, 25 Jun 2024 12:46:57 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H2 200 GRS88%20RTP%20SLOT-1719319655547.gif
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/ 2 MB
2 MB 1793ms
1771ms Image
application/octet-stream 103.253.144.208
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com/2024/6/25/GRS88%20RTP%20SLOT-1719319655547.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.253.144.208 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

sgp1.digitaloceanspaces.com

Software

Resource Hash

a2d25b608653dc29b0da6c65528e64eda62c84a6170680820574860f86efa9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster
etag: "c9202561ee8f0dbf19192cfc3104d4c2"
x-amz-request-id: tx00000211c84ce2a3472ce-006725b1f9-3f4360c5-sgp1b
accept-ranges: bytes
content-length: 1878971
x-rgw-object-type: Normal
date: Sat, 02 Nov 2024 05:00:41 GMT
last-modified: Tue, 25 Jun 2024 12:47:35 GMT
content-type: application/octet-stream
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

GET
H3 200 AVvXsEjM29sE1Pio2QIjeTo5VKWvuwFQbeTx2uSPpOrBJIB5lqJJ1lre75692ft3qeSzaNYv07ibtp9P8WoYd1ng11GrtaHIpsjbd4RCBW774ucYlmucTOPPAUvHvPuCQnQhrWao1dJKhPdwbJ_SVDStvJ0Mv2BDhGHkpBxAifgGNUXB3WHNkKIxgOCh4JfQWOJU
blogger.googleusercontent.com/img/a/ 2 MB
2 MB 583ms
568ms Image
image/gif 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjM29sE1Pio2QIjeTo5VKWvuwFQbeTx2uSPpOrBJIB5lqJJ1lre75692ft3qeSzaNYv07ibtp9P8WoYd1ng11GrtaHIpsjbd4RCBW774ucYlmucTOPPAUvHvPuCQnQhrWao1dJKhPdwbJ_SVDStvJ0Mv2BDhGHkpBxAifgGNUXB3WHNkKIxgOCh4JfQWOJU

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

45efd6b597ce7b47a91d7153d5ac5efd1bac984587e962c984e96c01e18dd82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v36"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2423007
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="GARANSI88 JACKPOT.gif"

GET
H2 200 0028-spade-gaming-tournament.jpg
img.nextgen.sg-sin1.upcloudobjects.com/slider/ 166 KB
166 KB 230ms
191ms Image
image/jpeg 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nextgen.sg-sin1.upcloudobjects.com/slider/0028-spade-gaming-tournament.jpg

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

828c2421fbcb321ff62ec71e083129c9ee013ed9cae36fe516fd16dba138b084

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: 828c2421fbcb321ff62ec71e083129c9ee013ed9cae36fe516fd16dba138b084
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20240822T024545Z
etag: "858a308f599a5651b7530d28bc24d556"
x-content-type-options: nosniff
x-amz-request-id: 18040E155FFDAB9B
accept-ranges: bytes
content-length: 169624
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Thu, 22 Aug 2024 02:49:27 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H2 200 0032-turnamen-sweet-bonanza-candyland-daily-wins-mega-gacor-pragmatic.jpg
img.nextgen.sg-sin1.upcloudobjects.com/slider/ 168 KB
169 KB 230ms
191ms Image
image/jpeg 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nextgen.sg-sin1.upcloudobjects.com/slider/0032-turnamen-sweet-bonanza-candyland-daily-wins-mega-gacor-pragmatic.jpg

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

15899437c78e21638c231722b6e03abffb95f0be2320fc0c244efb379bb39e66

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: 15899437c78e21638c231722b6e03abffb95f0be2320fc0c244efb379bb39e66
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20241101T073839Z
etag: "e118c86c3785206a256cb06637960569"
x-content-type-options: nosniff
x-amz-request-id: 18040E155FFBA2F1
accept-ranges: bytes
content-length: 172370
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 07:49:39 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H2 200 0031-mahjong-wins-3-turnamen-harian-pragmatic-play.jpg
img.nextgen.sg-sin1.upcloudobjects.com/slider/ 229 KB
230 KB 229ms
191ms Image
image/jpeg 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nextgen.sg-sin1.upcloudobjects.com/slider/0031-mahjong-wins-3-turnamen-harian-pragmatic-play.jpg

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

ecedb0a23bcdd91ed68c4e23a376e871c7f806be75859bd6aef71014433fd262

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: ecedb0a23bcdd91ed68c4e23a376e871c7f806be75859bd6aef71014433fd262
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20241028T171354Z
etag: "21a0a213d614e3fa6de579c0bb5833f3"
x-content-type-options: nosniff
x-amz-request-id: 18040E155FFBD183
accept-ranges: bytes
content-length: 234939
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Mon, 28 Oct 2024 17:14:46 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H2 200 0030-pragmatic-mega-gacor-season-2-level-8.jpg
img.nextgen.sg-sin1.upcloudobjects.com/slider/ 176 KB
177 KB 192ms
191ms Image
image/jpeg 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nextgen.sg-sin1.upcloudobjects.com/slider/0030-pragmatic-mega-gacor-season-2-level-8.jpg

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

4eedb5149103e5a13b5c747237d5f0f3d44bc7c2acccc3b226f29c2a8b3eaba5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: 4eedb5149103e5a13b5c747237d5f0f3d44bc7c2acccc3b226f29c2a8b3eaba5
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20241024T115044Z
etag: "d7aa1a1f35097a0a4980e4f7e6e372c8"
x-content-type-options: nosniff
x-amz-request-id: 18040E156006F91C
accept-ranges: bytes
content-length: 179998
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Thu, 24 Oct 2024 17:00:54 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H2 200 0029-pragmatic-mega-gacor-season-2-level-7.jpg
img.nextgen.sg-sin1.upcloudobjects.com/slider/ 173 KB
174 KB 192ms
191ms Image
image/jpeg 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.nextgen.sg-sin1.upcloudobjects.com/slider/0029-pragmatic-mega-gacor-season-2-level-7.jpg

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

8502d11bae5c32165979ebfc1091ec90e0175407a6c930171d34ce5e8079dee1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-amz-meta-sha256: 8502d11bae5c32165979ebfc1091ec90e0175407a6c930171d34ce5e8079dee1
content-security-policy: block-all-mixed-content
x-amz-meta-s3b-last-modified: 20241001T182000Z
etag: "ef380bcbe40c9aab7606d577ea0f2688"
x-content-type-options: nosniff
x-amz-request-id: 18040E156006B5CB
accept-ranges: bytes
content-length: 176792
date: Sat, 02 Nov 2024 05:00:41 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
last-modified: Tue, 01 Oct 2024 18:24:26 GMT
server: nginx
vary: Origin, Accept-Encoding

GET
H3 200 vs20nxtolympx.png
file001.nxtengine.net/open-img-pub/games/pragmatic/ 80 KB
80 KB 62ms
48ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pragmatic/vs20nxtolympx.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ebdfc53cff59ba0dab9d1574ada6cd154547bdd1eb684e4ddb8ebc9ee89584a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66f0f2a2-13e48"
age: 3663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpKIt%2BSM3K3%2FOtN5bV92lCjlWXk6osrAl0eOeegqVTsUlsnDGZINROkWrnqT0n93cFVBffnr0yh590Ef8wh%2BH8VFDESruuZgzjPujXH2kTjwFGQLS2K1VRLAJv8Zo8P88zvInPboM%2FU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Mon, 23 Sep 2024 04:46:26 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8302b5-CDG
accept-ranges: bytes
content-length: 81480
server: cloudflare

GET
H2 200 vs20olympx.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 89 KB
90 KB 104ms
23ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs20olympx.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c25ae0cf142c425406fa62216262cc6625199720ce77d944fdd324d489c15962

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "d228456819299f2834353eed074c37e8"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 91565
x-amz-cf-id: z-Lb98kUFVrRKxaxA3emqjxt7jnatRB-sLoz1UHKEnrASxKSdv-1cg==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 65.png
file001.nxtengine.net/open-img-pub/games/pgsoft/ 22 KB
22 KB 70ms
56ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pgsoft/65.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a163fe4dc7724ee740dfb87995faedab8b21dc8435eccf0ecfbbb7a280bb523f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555e8bb-572f"
age: 1537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDCw7PsWRtiCbPZ8EowoygxAtRNRSzmPyeoRVebAk9QWYqR7SndyPNe6RKP1iU3oKCDTYTOb6ep04RXZ%2BCrzlUxWI96xmNuLy0WuCT7vasNruUydTPFN8pULs8wmHbnm1gZtjpZCC0c%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=16
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:02:35 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8502b5-CDG
accept-ranges: bytes
content-length: 22319
server: cloudflare

GET
H3 200 vswaysmahwblck.gif
file001.nxtengine.net/open-img-pub/games/pragmatic/ 248 KB
249 KB 90ms
77ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pragmatic/vswaysmahwblck.gif
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a26e824b55e2cff3300eb109e84810f39597b30eb0027dc0b26a510387a22ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "671f188b-3e173"
age: 1221
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FaUWuSbNgHBfm12MnYZkrx6yoEXz%2BzlqMkKTtPBlA7LxqARjSNlprJN1eJ4UE6O%2Bb0mtVOykrLpolV12IgkInVNvRwhNc43K%2FRQsU7KeDeNUPxbw5uhZvO%2BZOQOtGmi6ii1xhRCIJk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=31
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/gif
last-modified: Mon, 28 Oct 2024 04:52:27 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8602b5-CDG
accept-ranges: bytes
content-length: 254323
server: cloudflare

GET
H3 200 74.png
file001.nxtengine.net/open-img-pub/games/pgsoft/ 22 KB
23 KB 90ms
76ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pgsoft/74.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2326be32c03c1910e566eadd7229f45ed9ba81da0e2454ff6334b7b992fbca3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555e8bc-5786"
age: 551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFuholuE87REKuZ4AHUtG%2BVQuLLQ2SQbz6BBtRz9iwTBDQ02Kn0W92IEN2MA1Ln%2BZh9B565jOYtTAwndsFAhDWg0Lwr3XVdkkbcfDSfhVKZg%2FCWxaYlPGwEOXXb7lCJ1og7eq9wlUcE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=31
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:02:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8702b5-CDG
accept-ranges: bytes
content-length: 22406
server: cloudflare

GET
H2 200 vs20starlightx.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 95 KB
95 KB 227ms
146ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs20starlightx.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e405c8d3fd46ba6904768396470c14ef77817af765c789d49e7d333c0edb119

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "72074397154b16fb3c90a374eca58fec"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 96847
x-amz-cf-id: Wse-Rsoliz-wSiAFNoY-YT5mIEosnq9tNDAiKW3c2De1ED2ziFMLBw==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 87.png
file001.nxtengine.net/open-img-pub/games/pgsoft/ 24 KB
24 KB 89ms
76ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pgsoft/87.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b39cb9fa24ef68dbfd54405407e704958250668b7c6d2bb5db3448118faaa2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555e8bd-5f4a"
age: 716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57LGuigy4xsPGzRGLqofjySIPzM05YnzWXiYFlxRHcjJx2ELOC7yLSVk4MlllKpYPmE4XXKGYzAqrcFE2bVBS28D0Gla549NBSHnB61D1nqAfnmMlkL5YSpN1nzfKkix3i5g0S8fFvM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=31
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:02:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8b02b5-CDG
accept-ranges: bytes
content-length: 24394
server: cloudflare

GET
H3 200 60.png
file001.nxtengine.net/open-img-pub/games/pgsoft/ 20 KB
20 KB 93ms
80ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pgsoft/60.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b562aaa1411d3173d8b772aae667bbadade77418df7b0ba68a58733a51cf92c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555e8bb-4f4c"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf0dC9dZv%2BmIGpzTlX8TYEIa2bA%2BjyURCoipz4LrWSadQkaJ%2FIKXz%2F%2BlEFasVdPGqaTVSQWH4cHW9yKuFDOm%2BnApRUDHOkL4MAFwee8IQ31cvb4zjMLnTDE0DuSqxfWVzw0yEgRMu%2Bo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=32
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:02:35 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8c02b5-CDG
accept-ranges: bytes
content-length: 20300
server: cloudflare

GET
H2 200 vs20olympgate.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 80 KB
80 KB 226ms
144ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs20olympgate.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8d1740eaaae86773ecedc69b2b61897d90ceb72f80ad2fee1c199619dbbd3cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "32226b41dc7c4b7e0c998dc9d6f8b859"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 81741
x-amz-cf-id: D1u9GId8BGeku3ye7NH_nr60gUpI-dyubReYkkW1IoufGTKcjz8j3w==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 vs20fruitswx.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 85 KB
86 KB 45ms
22ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs20fruitswx.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8c0d4bfc774ebaeb3703274af3e6441b5c9c8a8fd4206856ae1ea9dd4ee3185

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "74f85f5485e17334c612271240dde710"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 87452
x-amz-cf-id: K0bJOhdkULZxqvvGqQT1I4elgwiZvwGEWv8PSJRwP5ipx2r3-_Gwvw==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 89.png
file001.nxtengine.net/open-img-pub/games/pgsoft/ 19 KB
19 KB 92ms
79ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pgsoft/89.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df057caeaf524c7883043846c6c4762a4c974262896595be337247fb8095f44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555e8bd-4abb"
age: 716
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFQzQk9B9oCrUkHzTDtjtrBLFzCtQyYqeqHxlakZQW%2FqqgyOwcqOeNqzXzy8GYBWpx4uMAHk1qn89avX0VnqaZjI%2Bj2j4vYzF2OPMCGc13RKA5%2FGiDeP%2F6lm1o7A%2BWs%2FxKxEQ2z5kf4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=32
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:02:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8d02b5-CDG
accept-ranges: bytes
content-length: 19131
server: cloudflare

GET
H2 200 vswaysmahwin2.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 90 KB
90 KB 45ms
22ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vswaysmahwin2.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 301d511a2fa372357a8cc99139279aa44068cf0b82c6d35f370e705acc2f93df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "c32f6632fcb0f2eb4779a4bdcccd50d0"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 91693
x-amz-cf-id: GabTuc9tB6jDZ0BfSEnlV4fPJ-v2FeAmQLy0Ptg-ueeQbwigxJokZg==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 8751050_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 44 KB
45 KB 92ms
79ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751050_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ecb84fd649062e415e148cbd15dc47dbf01b65fb33c559a7b9278afa550994

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66f50cfa-b054"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2BM3ZD%2B8BcvcLy%2Fe2BuQKE72poRIip8PXl9Jh3XmPHlHmKy2ssjiabrk7dfWA2D1uRQq1o%2B4cauU1yyx%2FySMg9m4%2F2MUVlA09vJOfM05bRqTMDu26tYkKnoAnO9rUnGPaS28r40IlIM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=34
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Thu, 26 Sep 2024 07:27:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab8f02b5-CDG
accept-ranges: bytes
content-length: 45140
server: cloudflare

GET
H3 200 8751049_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 40 KB
41 KB 92ms
79ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751049_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c36230f1e922dccfa91a5da5ec54bc757765891ff4e19c152ea3798b678a60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66fa657e-9f5c"
age: 2737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ju3X1%2BfBuep0mekAu7U9uLglwMQHu8vO8kw9O8aUioDP9sjAlItyrPkygibewX5MTXdfpGAJNTPfNw6blf9XusRaBvKrY8b9SKOHvT5xibQBHAFMJAyDR01oqCyJ8glCnziurX4ISqk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=24
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 30 Sep 2024 08:46:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9002b5-CDG
accept-ranges: bytes
content-length: 40796
server: cloudflare

GET
H3 200 8751048_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 65 KB
66 KB 95ms
83ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751048_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37f889d771b5766c0b45aea7b1fdefe6732759680c3fe16f8451fa54b19135d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66fa657b-10454"
age: 2737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FD9QyvVI%2FyNzUUJhfcQPCczQNDLZQBQHe8lcIVbwV%2FBo96R6NyyoQDNlb%2Fw6k1hmtn9Edadp%2BHMhK8%2Fan8RoPLMw%2F3oWwltZuRrV3lcGKL%2FyOKYvIPGe61QMhjJzkDBncwxcoqKdYCQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=36
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 30 Sep 2024 08:46:51 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9202b5-CDG
accept-ranges: bytes
content-length: 66644
server: cloudflare

GET
H3 200 8751047_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 45 KB
46 KB 95ms
83ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751047_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a34a23c5eab1f788c46ca50f76f20946256ef9328e70c3e4ce6c2b510301b47a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e55-b3a8"
age: 2737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SHITGIXUftSTFboZZZYJgk1L8WwuBgGP%2FYOgo3YpM%2Bzi85SR2KMFwhIZltMNx4PjLB437hyq3vq3lkR%2Ft22FbjtOL4RSf9m%2BsaG1eYr8vzN%2BgN4RYcgWm8PBUfPLCtvbu4z87ZwtuoE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=40
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9302b5-CDG
accept-ranges: bytes
content-length: 45992
server: cloudflare

GET
H3 200 8751045_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 57 KB
57 KB 100ms
87ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751045_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e92d2f18c242d540437f51413221e45f222128816f6720da7dabf4c8278a304

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e55-e2b0"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cJB%2FAl3skzaQyns%2BQcVQjlEAEQCnQvy9lx312i%2Fsvo1rJoj1EbUJDT1rzxsvKCbhwYGMSbQsZCKQ1Qt71qrrH3sYL%2BI8N%2BBauMMI3FTjcPRpzY8FT2tAjfrtrBv5hvJ%2FpqVjDBZlLHw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=39
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9402b5-CDG
accept-ranges: bytes
content-length: 58032
server: cloudflare

GET
H3 200 8751036_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 43 KB
43 KB 100ms
88ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751036_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9c99f48f22e8936f99ac443a58e18a62a298c96c2c1e444f696a96d28e3b8e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e55-aa0c"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OME4NEQ4VifS7AdVHWefe4MUs7FLKq41Ry2mw%2FHkUCQTRtxCdOG%2FOrWky8Kv1jwRsNvTKZfOFqy4%2Bkk4JlrgfHNGxhyBTpto%2F0bZeBqdeWO3170u0%2BOBA5X8lIR%2BnR7Gar9HHQElPlE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=50
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9502b5-CDG
accept-ranges: bytes
content-length: 43532
server: cloudflare

GET
H3 200 8751044_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 54 KB
55 KB 100ms
88ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751044_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca677a7c36fd7e5c758a46f9a1056e44f504ab5cd148be5a9a55876d10cfbf22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e56-d8c4"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ma49A8I5cI1m31aUdYBmdSO0phadg0tmlC1RMuesET1o%2B4fPUngUNC%2FpP9bVuojj1fhaOE5zJG9oPi01XRwoivb0L6fGPlHz99kbCAb%2Fz1ikQaLhhKP1lhQIPmxybN1og8RC1nFU%2B%2FE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=50
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:30 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9602b5-CDG
accept-ranges: bytes
content-length: 55492
server: cloudflare

GET
H3 200 8751043_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 55 KB
56 KB 100ms
88ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751043_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6cc0e634ff9de2380df146c779d3b75734185be36273ff647f7b93476ab3e0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e55-dc56"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OyjCAPoBx%2BlD55ggesL049daekkPVaMztR%2FMgGuH0V%2BGzvzqGaqoKAjenAs1Qv7ABzxNCXTjHdpv2MxNhWk6nz5qvseadNsh2jpkOcR6Ud3P2AylrldK0yJqpC2WRAmGsJCxI%2BLGyhY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=50
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9702b5-CDG
accept-ranges: bytes
content-length: 56406
server: cloudflare

GET
H3 200 8751033_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 46 KB
47 KB 100ms
88ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751033_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5080ebfb93f1b7a47191a399d95e54b02b13bbb407769b687ec3b8a768fc76ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e56-b8ca"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmlqseJnAY9s1iM2UW%2B9u%2FZPaVatC5UmDesppJcDHxaaCMS%2BRrsapZL8nEsxL3Fyc548JNsUtheZn47oeKd1D5Z5uOD2M5uFyYo3oTIw93sm%2B2ojFLxxO6siosqxnDBcYmTz4hLwnQc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=50
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:30 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9802b5-CDG
accept-ranges: bytes
content-length: 47306
server: cloudflare

GET
H3 200 8751042_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 42 KB
42 KB 106ms
95ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751042_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 051c6cfdd89fbb99eb00864fc8ee468089de07e24fd90e41b776aadfad4449ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e55-a74c"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z2jK7ZRwE5BTlf5IQFiDjY2EBI4NO0v2NZpJvOgHE58rXMDx0W%2Bi5qZs8DN9rIaEjBMwgvM6ZVXGdQHuKFMhdBeP0WVdIawhJX8uMGtFk8oShCXgUFIKQym7IfEsBk0%2BEEnnKw74fGo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=54
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9902b5-CDG
accept-ranges: bytes
content-length: 42828
server: cloudflare

GET
H3 200 8751041_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 39 KB
40 KB 106ms
95ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751041_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b28ab2c5403fdae81afffe216eb17c3fddd4a95469fb89252e86b264aa84bc6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e55-9d22"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xbxQAwTuKYsBj2kjviPsXCgNY6nEPyVOVW3m2Md7yYmlVNVOHfcrU7eEhaYbeyWbWVlFAyOZOCp3Yv%2BmyK9L3ZeNGn6fNg%2BBv7sfDCRFMjS%2BvY6xL0dwAEQGxmKs4PuPsRBEMrDjWV4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=54
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9a02b5-CDG
accept-ranges: bytes
content-length: 40226
server: cloudflare

GET
H3 200 8751040_480x480_en.webp
file001.nxtengine.net/open-img-pub/games/hg5/ 41 KB
42 KB 107ms
95ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/hg5/8751040_480x480_en.webp
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e3ccfba4fc94c5cd341f450987289ebef6a8e026a2a36404254aa45a75f72f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66ba2e56-a4ac"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rA7KHUK%2FqTSNAgoT0HLCwc6cwNwpvkQmUSzQFv%2BGrTCK7Jsi71pyvJY9y8zo5tRa2c5%2FMenRmNz7zGMoiIerrccjgHI7GvTCArIau7Vwe4ezHVhKP1zy21Hkyev8BGvQnEstjP8u260%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=43
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/webp
last-modified: Mon, 12 Aug 2024 15:46:30 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9b02b5-CDG
accept-ranges: bytes
content-length: 42156
server: cloudflare

GET
H2 200 vs20fourmc.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 70 KB
70 KB 45ms
23ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs20fourmc.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb0f3b12ae737fc2674f41ba916d92df49c685b5b11c0a7c1daf14e53306edc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "fd4c5ff76a9b58d72236f6af0531b713"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 71469
x-amz-cf-id: 4xA2ObI-UQ91OqRSKlOXsG82ELTIjdSsc4H2blVJpash_NfCoo0RVQ==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 1755623.jpg
file001.nxtengine.net/open-img-pub/games/pgsoft/ 51 KB
52 KB 107ms
95ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pgsoft/1755623.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4dff73f41e2b5acbb6d93c24ef4a297eda32157a28479d2262d45e6d6696efb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "67234f65-cdaa"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F8gvbpEZBBUuymJIiIVo%2B1C3Ws2AuIw910YGA5qQiRSWnY9tClVrcBG%2Fx72xdWoQvSUf9zVZE3AXjoqn5xN%2BzLuarPlEFYu6bnpKOR9kn57UAuWQKiB%2Fqh6ajfgt%2Fo9IWUWkRc7lUN0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=44
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/jpeg
last-modified: Thu, 31 Oct 2024 09:35:33 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9c02b5-CDG
accept-ranges: bytes
content-length: 52650
server: cloudflare

GET
H3 200 SGBabaYaga.png
app-a.cdnlogic.net/img/square/400/ 69 KB
69 KB 63ms
28ms Image
image/png 172.64.151.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app-a.cdnlogic.net/img/square/400/SGBabaYaga.png

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.151.130 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3407c1cdadf3702d43f427ce766a446303d9a2672b927ef5ee7bc6454a9159ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
age: 155464
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 09:30:43 GMT
alt-svc: h3=":443"; ma=86400
p3p: CP="CAO PSA OUR"
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 09:30:43 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cache-control: public, max-age=31379402
cf-ray: 8dc18ff95ac7d378-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70308
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 S-HN01.jpg
file001.nxtengine.net/open-img-pub/games/spadegaming/ 104 KB
104 KB 112ms
101ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/spadegaming/S-HN01.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b330c4289f4b8798cae45c8f88c5dec750e79cd48a8dae2380a75d535197a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "67088156-19e1b"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LLA0ngnc61p5GgJciPoisIoFrbWk4cfrdGSdlseZY%2Fp55dz75uGKW%2BGN1%2FChFpNew3vAXCBKuNksQkp7t15Ab%2FX5%2BNnU7CTfsvJvXk4gPyI2SU8yNtJDqSdF0dKHfSky8IB0pHTdOg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=55
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/jpeg
last-modified: Fri, 11 Oct 2024 01:37:26 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ab9e02b5-CDG
accept-ranges: bytes
content-length: 106011
server: cloudflare

GET
H3 200 S5G-H5-99965.png
file001.nxtengine.net/open-img-pub/games/5g/ 72 KB
73 KB 112ms
101ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/5g/S5G-H5-99965.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ba3557b7be57c8926a8cd0aafba6a9ddb66500b58bc9dc6ca90dc7ec424660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66eee032-11fba"
age: 2737
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvEsOSOxuLGUeFJM7xu%2Fmd6rjPFC586mUoYKtafOcjVOnD9xBJlSU%2FpNTkVjn51TPvRQRd%2B4N30DQsKVo6iJFPWwa04SPl4xM3EfXZi1085QIvlEtjy2B4rWQzdXlqFNef5fDWjzxSI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=177&recv=163&lost=0&retrans=0&sent_bytes=168955&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=673&x=1", cfExtPri, cfHdrFlush;dur=55
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 21 Sep 2024 15:03:14 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8aba002b5-CDG
accept-ranges: bytes
content-length: 73658
server: cloudflare

GET
H3 200 S5G-H5-99966.png
file001.nxtengine.net/open-img-pub/games/5g/ 104 KB
105 KB 115ms
104ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/5g/S5G-H5-99966.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670ac78d9467a719a853de3e4f4fe46c31419d3a5f36e5e22fe7bd9f7ca6e006

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66f22575-1a168"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbapzmRAo1BRBW52piqz8%2F7lNZ6Xi66zB2eN4ztWX3s%2FWgjVOIRdLqwFYYcKRdvcMmIHbfHCO%2Fr2DIIodFT47dwHXQFeExCScNom1lr8oCuq9mrE6CMlL4QS5nMJG4B%2B%2FzcAJ7Y1fw0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=45
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Tue, 24 Sep 2024 02:35:33 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8aba102b5-CDG
accept-ranges: bytes
content-length: 106856
server: cloudflare

GET
H2 200 vswayssevenc.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 95 KB
95 KB 29ms
22ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vswayssevenc.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9032604d213d29f42622b2465daaea84a94b3084c751ee7a5437221577f96407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "55c0d67473ea586509c8e0c354e4d3af"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 97023
x-amz-cf-id: JaIx_5Fale9RwDThmL8pPQLrk0TLdugg-sDvV5wVVO41nQ6ZwmO7jg==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 vs10fangfree.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 88 KB
88 KB 28ms
22ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs10fangfree.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 523f3aac7d14c4f4bc098ffcd89f5ffcb4d6427dfbc108921dba9f2eca2e2643

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "a8a90933b0572c50e5b4c2bb73434606"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 89710
x-amz-cf-id: bB6YLamvHt_5Yu6aMkQdpNmLEkg6gZZO7B2oVJMCY5JIMglnBfdOAg==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 vs10bhallbnza2.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 89 KB
89 KB 29ms
22ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vs10bhallbnza2.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1a7262fb32846d20fd4a9355bd2576f0c7e3c84197a21b3260ab82631d9c1587

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "4114914346f109e4abeb1cf2d176468a"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 90669
x-amz-cf-id: 3-_hFZKMKFrYRVWFgcEEAVQACmCh1Fik8evDTsLliJh2Zu27ggI89Q==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 vswayswbounty.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 83 KB
84 KB 29ms
22ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/vswayswbounty.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3ee0929b27eacb109c7a997097ecc867afdda3513636e66d611ad295070cd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "b1fb327ea9f94ab9adf26fac1a0bf210"
age: 150
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 85108
x-amz-cf-id: GFEKIqkfEgjj78-Nt2L28FTi74wQaCQ8QU5svzwqi-I-WchmQFwo_A==
date: Sat, 02 Nov 2024 04:59:40 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 101.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 81 KB
81 KB 161ms
155ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/101.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89f989115f0fa64abd8979a7c7253f11774e3f20a3b0fe0c744f77dbc98f51ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "ff4d724155e4d23e1bf56a3676cab861"
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 82865
x-amz-cf-id: lIC7ukP0D71yPzNr3ks2dZ63Leb0Ajho6GRRLpHZ-bwOSt1ERMeXWA==
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 1301.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 75 KB
76 KB 177ms
172ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/1301.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6321a44aab61c512f3e106cadaefc5e2a5d83264045e6d02c23bf6b99dee04b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "1d8ae1173a09cc6b7643d5e296cd8a9b"
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 77211
x-amz-cf-id: UUWin_03tmrNHF4_ruUGbC0VsfoyG_Wee3CoEJxIuzJBvQ4NWNH9HA==
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 1320.png
file001.nxtengine.net/open-img-pub/games/pragmatic/ 73 KB
74 KB 380ms
370ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/pragmatic/1320.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e3d2b454356b205a70d22784c52d6f2aeff9276a887238c1c448a5ce1c206a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "6513be28-12460"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ja4iMpcuwdWwqXaMb%2BBTk7sci9uW3k98VqbAASIkOXKqTVVeb1hVwgbjlFyjB95283thnJ9MSn3cTAAyJz1yjOH7ubQlUVcHAfQX5FcZDOjDDf42VEpJF5Kda40ivSNFwfnc%2BAvEfGM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22865&sent=2910&recv=411&lost=660&retrans=660&sent_bytes=3250022&recv_bytes=55394&delivery_rate=165185&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=989&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Wed, 27 Sep 2023 05:31:20 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8aba302b5-CDG
accept-ranges: bytes
content-length: 74848
server: cloudflare

GET
H2 200 2201.png
p670ty4f35.gcdikeagzb.net/game_pic/square/200/ 52 KB
53 KB 158ms
153ms Image
image/png 13.35.58.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p670ty4f35.gcdikeagzb.net/game_pic/square/200/2201.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84960e3cac44e007f394f19b872e84c97893366a1cdbb098d4649580f791c537

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

vary: accept-encoding, Origin
cache-control: max-age=600, public, must-revalidate, proxy-revalidate
etag: "d739fa369689c14742372a01c89adfcc"
via: 1.1 0679859c01a1d918f3fb77e42174ecf8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 53645
x-amz-cf-id: oHtsKxVzCsLWb3mcIE70CP8Qx1qFf_oGDowCVW4n05CaC46B61OuFA==
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Thu, 03 Oct 2024 06:42:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 VN-LIVE-009.jpg
file001.nxtengine.net/open-img-pub/games/venus/ 80 KB
80 KB 383ms
373ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/venus/VN-LIVE-009.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44de69755063ca3f634632d8c72b3087f1b78b81ac497d09674cb29d9824ecb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65952f62-13f3b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ci6iNV4NeOrC8izhX%2FjYUwuL5apF%2Fv3pUAMelvJsoeyb5D58xvB7qnuj7Ft4TQSsI8WzDUpAjsWuSL1VKhT7KBUVm0aiUtur%2B%2BJA0DKxHm2ze1o2Wmxdf%2BCONG1KbwwRHDE2fqX9IGg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=2981&recv=413&lost=660&retrans=660&sent_bytes=3331348&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1005&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Wed, 03 Jan 2024 09:56:50 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8aba402b5-CDG
accept-ranges: bytes
content-length: 81723
server: cloudflare

GET
H3 200 VN-LIVE-008.jpg
file001.nxtengine.net/open-img-pub/games/venus/ 78 KB
79 KB 393ms
383ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/venus/VN-LIVE-008.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df6e45e706efffc6d96e5c2db9176120328a4f5939807ec2bc8e9098e4df835

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65952f5e-1378b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQ%2FGfgnJSIaZKukHLTDeMcvdJu%2F0uvbU35JEnhHHP60N22wrEoCwv6UEawSlOhQZleV%2B4BuQN%2Fd6ExP%2FjgsKjgclFZnAEya0Q752RT5iTRJ9WJ1bXNYpiHLSqqzeGYsypZPjggdsV6E%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=3052&recv=413&lost=660&retrans=660&sent_bytes=3415647&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1007&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Wed, 03 Jan 2024 09:56:46 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8aba702b5-CDG
accept-ranges: bytes
content-length: 79755
server: cloudflare

GET
H3 200 VN-LIVE-007.jpg
file001.nxtengine.net/open-img-pub/games/venus/ 90 KB
90 KB 470ms
460ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/venus/VN-LIVE-007.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e0367bc3ddc54ddc6f477da409b06c7da0b6185c6474e5269075e7bf2b02ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65952f66-1666d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rC3Bx1HI38%2BbXJScqO9IjZCbyTTCjLKxqFimnG54U37ViWsEp%2B3Cmv2p3vFBfQ56l2JsNdzwG5AiDs6lUb9SPRmgJng8YSlnvRTG9%2B10%2FB4O6kOo%2FHG5ny0DEWa%2FxZ%2BY9Trxz6Uqoqk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25979&sent=3407&recv=436&lost=660&retrans=660&sent_bytes=3829261&recv_bytes=56522&delivery_rate=8969481&cwnd=330135&unsent_bytes=0&cid=0082a9776fa78872&ts=1035&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Wed, 03 Jan 2024 09:56:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8aba802b5-CDG
accept-ranges: bytes
content-length: 91757
server: cloudflare

GET
H3 200 VN-LIVE-006.jpg
file001.nxtengine.net/open-img-pub/games/venus/ 96 KB
97 KB 400ms
390ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/venus/VN-LIVE-006.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4689aa56b64a30ee0a6140ea62c44855ec9c4da442e47d34aec8a52b810b78cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65952f59-18031"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6pfj24%2F2pVcoA20QFtBSZkIRvuEnSC28PWV3sX4q6reAWrDbwoCc9badAS4rJvfPJmaLPtCAYQ5wVLqUalNqDWCI2%2BitOrW4b11SvECVYiFAFrqn1Wj0zF28k6WiG2DmMn2cQz02%2Bk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=3121&recv=413&lost=660&retrans=660&sent_bytes=3497926&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1008&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Wed, 03 Jan 2024 09:56:41 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abaa02b5-CDG
accept-ranges: bytes
content-length: 98353
server: cloudflare

GET
H3 200 VN-LIVE-002.jpg
file001.nxtengine.net/open-img-pub/games/venus/ 87 KB
88 KB 404ms
394ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/venus/VN-LIVE-002.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fc4e0e157a5dc9f66b07e97f1b293843840a908ba4092c291711caffeeb4e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65952f56-15c32"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=St262EiaT60eDiyoIubj4ly0Uj2%2B%2FSS7noeyNjPv5CgR55cmDD2jf4ssogT3IJTDTwO96liS07Gvu4WFyjiDPBgIIWXL63hDHIAd9sA2MjtXPnfsBvec72grRk61vja9yHnwl9WsKwc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=3161&recv=413&lost=660&retrans=660&sent_bytes=3545926&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1009&x=1", cfExtPri, cfHdrFlush;dur=7
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Wed, 03 Jan 2024 09:56:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abac02b5-CDG
accept-ranges: bytes
content-length: 89138
server: cloudflare

GET
H3 200 VN-LIVE-001.jpg
file001.nxtengine.net/open-img-pub/games/venus/ 87 KB
88 KB 419ms
409ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/venus/VN-LIVE-001.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fc4e0e157a5dc9f66b07e97f1b293843840a908ba4092c291711caffeeb4e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65952f56-15c32"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJxql8F79v6pTrjzrmi8fKPu0Jtg3FbzwZiHxNi0gGS9HVvbmbWZmtdt2wLHlJTgg2HidtAxlkIhlABmusQMItzDG2s5MKlKmFSR99VvUxF5JFgYVpnIm90TLTjjEm3idRZ2OE%2BEBRA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=3185&recv=413&lost=660&retrans=660&sent_bytes=3574710&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1009&x=1", cfExtPri, cfHdrFlush;dur=7
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Wed, 03 Jan 2024 09:56:38 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abaf02b5-CDG
accept-ranges: bytes
content-length: 89138
server: cloudflare

GET
H3 200 SV-LIVE-001.png
file001.nxtengine.net/open-img-pub/games/sv388/ 43 KB
43 KB 419ms
409ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/sv388/SV-LIVE-001.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50ae9db379e3791e57596c1e054fee69e579919e832ae92d8fbe4e3a52a9c90b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "6592a383-ab27"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t14431sqlAN25%2BBcGe61QD3HrXu6zhLHSXLS7B2V0r5u9PmFJJ6nwSJVFl%2F2%2BLAZo18RAsJ5P4sEPriagMTv%2BdMAtNr%2Fz9WjYy54XqqOGcWGiboH6tshD0KmeBk7FCSfQaBU5Auyp8w%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=3185&recv=413&lost=660&retrans=660&sent_bytes=3574710&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1014&x=1", cfExtPri, cfHdrFlush;dur=2
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Mon, 01 Jan 2024 11:35:31 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb002b5-CDG
accept-ranges: bytes
content-length: 43815
server: cloudflare

GET
H3 200 WS168COCKFIGHT.jpg
file001.nxtengine.net/open-img-pub/games/ws168/ 21 KB
22 KB 419ms
409ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/games/ws168/WS168COCKFIGHT.jpg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd0b3cf35b523c80176a193216953076245f0a85e1e7b7c77c12304f23f1178

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "65460c0a-554b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dH8QNdEQb%2Fg2k7nZfo4exefe2dlSqv8HI1avW85r4sg1exHypX8vAaxWTAe1aYCpLMFGz19Szhh7HH%2BF3rOBGdCa70aMFlwaE%2Bv%2BH9YILf%2BgrpzNgm8%2Bia8LdLuIamkJQh9wMDWtcK4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21561&sent=3185&recv=413&lost=660&retrans=660&sent_bytes=3574710&recv_bytes=55482&delivery_rate=685941&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=1012&x=1", cfExtPri, cfHdrFlush;dur=4
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/jpeg
last-modified: Sat, 04 Nov 2023 09:16:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb202b5-CDG
accept-ranges: bytes
content-length: 21835
server: cloudflare

GET
H3 200 logo%20pragmatic.png
file001.nxtengine.net/open-img-pub/providers/ 7 KB
7 KB 113ms
104ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20pragmatic.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81261bb6ad9a60e6c88b93e959cb533df036cf595f287d42e89f15d3f96f06b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6487d596-1a6c"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDNK7TFLLNsyM1E%2FiKGJPqTuoRjwz7H5%2Bj7rTNv%2FRwfVRVcmxZC7tLBj54pjDHEJ7rNFzwcZWD47qFHi%2FhiZFceR1ENcqACjrypZJfj33oR6H9d27x%2FiU0egVZKj5VJxEKkvA3rHdNE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Tue, 13 Jun 2023 02:33:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb302b5-CDG
accept-ranges: bytes
content-length: 6764
server: cloudflare

GET
H3 200 logo%20habanero.png
file001.nxtengine.net/open-img-pub/providers/ 5 KB
6 KB 113ms
104ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20habanero.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5e766a3204310c8a5c0e52673917b0781b961af960bd7e0ab4a81aed51f19d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48e-1545"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtaJuEdLMd23o1Wji1wT4ntfVB2oNFwKsICq7fiA5eNJTuQ8LAkBKIZFinjzg6u2L0dazU0R0c2dD6TSnFxq%2BhyrHhNP6ycrSmqvvI6R2XnkurgA9yErmsWYF9jnZ%2FrvOv58MzHZGFU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb402b5-CDG
accept-ranges: bytes
content-length: 5445
server: cloudflare

GET
H3 200 logo%20pgsoft.png
file001.nxtengine.net/open-img-pub/providers/ 5 KB
6 KB 349ms
340ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20pgsoft.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e78189766cc34a53681b51492544e462c35071120bd1d02c61e2ea7ea01dc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: MISS
etag: "6555f48f-157a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmXainJ3CusLEA98HfeVhRWQ3KD0r3QC02fd2HeZP27QFbqLNZEb1q1T%2FaL%2Baj0oomjsUB6pvjsxPG8FdRYPsC2Cxrr87IWrDQBcvdrqNcOFOOTy4I6GyUw6hapo%2BN%2B6BHAhMH2AMcY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23804&sent=2891&recv=410&lost=660&retrans=660&sent_bytes=3230803&recv_bytes=55349&delivery_rate=11899&cwnd=327735&unsent_bytes=0&cid=0082a9776fa78872&ts=972&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb502b5-CDG
accept-ranges: bytes
content-length: 5498
server: cloudflare

GET
H3 200 logo%20playstar.png
file001.nxtengine.net/open-img-pub/providers/ 7 KB
7 KB 113ms
104ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20playstar.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b7317833a360b493450a80540baa24e1f5c3dd28e28f68be44065611bebebc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6487d059-1ac8"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1rWdHiQzFpWe%2Fm89w3PHnWxKNP1IWZJF3ZyZRHfCwQ3gm8IwZWef%2BUeQ3tSGngqiIUlrGtwiSix2fShdiI5N%2B6QBiEnYxoMrKsOFaNU%2Bd11LxVDNL5OK3HH4Ov%2Ff5nRSU5oKOEhjbOY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Tue, 13 Jun 2023 02:11:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb602b5-CDG
accept-ranges: bytes
content-length: 6856
server: cloudflare

GET
H3 200 logo%20spadegaming.png
file001.nxtengine.net/open-img-pub/providers/ 7 KB
7 KB 115ms
106ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20spadegaming.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac27892d40bf5feee39618fddc9b7511c04727d7c3c35b75456a7c338bbbc836

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6487d6f8-1a0c"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sIXw97uCfVpgLC6%2F%2Bpq3TqvWYmrFWPIZRHevrg9JMgEoO9CWSNkJUkayLukJisv0AxH5J2z%2FIXj9SQxBN0vFTHQIhiZukKi5jYPihQhecPlHUtZ9aNpI8xzrJuFGOkmIKgW1unk9NjQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Tue, 13 Jun 2023 02:39:52 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb702b5-CDG
accept-ranges: bytes
content-length: 6668
server: cloudflare

GET
H3 200 logo%20evolution.png
file001.nxtengine.net/open-img-pub/providers/ 18 KB
18 KB 115ms
106ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20evolution.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0c4e3929cc6420481eb8e4b9d0c1832f606f9df371c8d7ea66f5287086cdf3f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6485d2fc-466e"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxDNNm12PjQHuC32k3JLEB8KcvI8Z38jY%2B4QWrwwch2cZPnzxj4im9qvSv%2BIFx45fI4S5dL%2BLom6Un29MmxmMP1MoQody4i9KdDYR1DrYUrZhglgdo3JY6T01EOJXFxc5KKRT8C0C%2B4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sun, 11 Jun 2023 13:58:20 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abb802b5-CDG
accept-ranges: bytes
content-length: 18030
server: cloudflare

GET
H3 200 logo%20redtiger.png
file001.nxtengine.net/open-img-pub/providers/ 14 KB
14 KB 115ms
106ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20redtiger.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b00e8bfe50231cb36fb19162224a0ab2ae161f269133a569495bb16f7f92596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6485d13b-3639"
age: 3444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqNWx4Bld%2FzDb9HegaSaXF6gilFB5RraeDtp%2FS%2B3ZFa4MVPlVUMWiVuhW3a3Cpz7CEeoQgUwFhGOLSAjYrNlvOnoJiEx88LLPy1IZuobrwbA9EB5YTBjiXoyYlC7lQUt6HVyYeD261M%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sun, 11 Jun 2023 13:50:51 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abbc02b5-CDG
accept-ranges: bytes
content-length: 13881
server: cloudflare

GET
H3 200 logo%20netent.png
file001.nxtengine.net/open-img-pub/providers/ 2 KB
3 KB 114ms
104ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20netent.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43fd29006b5fee88fca9eb0022f638915b18c6bd48a3ec7016d86af7d3cd75db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6485d360-886"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCcb1a63o4yW4nuwqdhk15PPc4aYZLsWou9BuBRgWQVd%2B7hitGEpocOR8irZILR5oCZ%2Fp5h28Vk1s1m%2Fz3CrQc3K6QoQVipAiMlRWAogXpJYdgPB3i7aHjcv2SENDppygFcw6BVbFRw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sun, 11 Jun 2023 14:00:00 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abbd02b5-CDG
accept-ranges: bytes
content-length: 2182
server: cloudflare

GET
H3 200 logo%20bigtimegaming.png
file001.nxtengine.net/open-img-pub/providers/ 10 KB
10 KB 485ms
476ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20bigtimegaming.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0287da7bea7ef2d0de7c574a12bdf238b39668756182a19e3a54e093f4eb971

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "6485d2c3-26cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kVv8fVUQN3DsVvZia4AcncUymIcX8z7hZGYZVIJDL%2B2hfFQVbpOwlb5ZwzbnSsGwPLHY7dU0d6AXreJAF1BjKvHnnMy9wZ9yCb4P8bXSwO90PXvxPDcFBOvl65%2Bw8maTp1y5YDSYDmU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27588&sent=3468&recv=442&lost=660&retrans=660&sent_bytes=3901252&recv_bytes=56792&delivery_rate=11530655&cwnd=330135&unsent_bytes=0&cid=0082a9776fa78872&ts=1039&x=1", cfExtPri, cfHdrFlush;dur=15
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Sun, 11 Jun 2023 13:57:23 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abc002b5-CDG
accept-ranges: bytes
content-length: 9935
server: cloudflare

GET
H3 200 logo%20nolimitcity.png
file001.nxtengine.net/open-img-pub/providers/ 4 KB
5 KB 114ms
105ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20nolimitcity.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed67707199c9796bad270bc1e7e9b068508537a93e9fdae3a8c3681a8489202

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6484185a-1158"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gWE8u5pyu0qf%2FiYiEgSDGJ6oIlxg8dNIR9lYs9iKLQRlL68msRc82yNWjdfQYeQGM9lyvNQFapnU%2BlViU1l5nHQtw%2Fxt5QhECvH3mGOhesPRKzwZ5bvn1WKqeEpQxE%2FNwOAWKf0nvM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 10 Jun 2023 06:29:46 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abc302b5-CDG
accept-ranges: bytes
content-length: 4440
server: cloudflare

GET
H3 200 logo%20WS168.png
file001.nxtengine.net/open-img-pub/providers/ 49 KB
50 KB 114ms
105ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20WS168.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6801f9027ba5ea7297d2c5842af2fc3930e3636c5a63e371b676dfd4f874c26a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "65460c1e-c4ea"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4YUmOnaHX6qs999CRhjVGWsHeHoIZjvDoMbSjfjzm6XdOWEFMuCldgSP6h697z0%2Fk6ZZ1ZylNbYHXzGYScqRv8LnY3BLRIPf%2BXxlE5hmIJJ3Qvl9AZyEV1f3sIwOzMtJ4T3QP9oc2Pk%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=46
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 04 Nov 2023 09:17:18 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abc402b5-CDG
accept-ranges: bytes
content-length: 50410
server: cloudflare

GET
H3 200 logo%20dragoonsoft.png
file001.nxtengine.net/open-img-pub/providers/ 168 KB
168 KB 116ms
107ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20dragoonsoft.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e824e6c62c97a065b54001e0a17705aac457e327cbb8abefb1d84122d2078621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6578124a-29e48"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DV3zsN4WAODF79KH4yFxk7kxP9nEGBzVdJ%2BW9gFArPlj1TWpnGNXrafb4KgZRtfEOte7qaQsYM2lx8iRwmiBzvIGitApIMn%2BuH5%2FxLRZizDinb5r6Kx6rhn4eoDASrX5BxnGMGhuBwU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=52
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Tue, 12 Dec 2023 07:56:58 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abc502b5-CDG
accept-ranges: bytes
content-length: 171592
server: cloudflare

GET
H3 200 logo%20fachai.png
file001.nxtengine.net/open-img-pub/providers/ 16 KB
17 KB 116ms
107ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20fachai.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddaa0d56dce98193fe2285b70031f50fdc434a891d2def9bd3c51820835933c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "65796612-3fb8"
age: 3444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTi%2FLRDXo92Jwred6qfUcFcxy4G6Guyok6UO8cuReKPrrRhjahSQdaXBEC6pZIFOVDAmlkDCfqS7kZ6o7F7FfTKHL4UBMFP8nbJPR3hAmwfw3PXCcAF%2FFfNoTmw6c9sCMOVOWgr7BPg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=55
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Wed, 13 Dec 2023 08:06:42 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abc602b5-CDG
accept-ranges: bytes
content-length: 16312
server: cloudflare

GET
H3 200 logo%20fastspin.png
file001.nxtengine.net/open-img-pub/providers/ 6 KB
7 KB 485ms
476ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20fastspin.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8568a6a1a04efc89ad95610b22462ddcc9801a88296214039bc31a3f43c19b90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: REVALIDATED
etag: "6579648d-17f8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WbbFZd9cn%2FWBed4QlbRjRW%2Fb6pHnJT9JBm5EszSaRImM5aBWBxnnS3iUmkzLJsht07sGpioRAnZaxQDaqgZYzDdESKQzcul%2FlRDv1kBfzQQ%2BZGy9iDi%2Bu%2BmE3TPyH6sl9jsnUrIQ4kI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27588&sent=3468&recv=442&lost=660&retrans=660&sent_bytes=3901252&recv_bytes=56792&delivery_rate=11530655&cwnd=330135&unsent_bytes=0&cid=0082a9776fa78872&ts=1053&x=1", cfExtPri, cfHdrFlush;dur=11
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
last-modified: Wed, 13 Dec 2023 08:00:13 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abc902b5-CDG
accept-ranges: bytes
content-length: 6136
server: cloudflare

GET
H3 200 logo%20jdb.png
file001.nxtengine.net/open-img-pub/providers/ 18 KB
18 KB 116ms
107ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20jdb.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9eeb30335f6b18108d97078f104090860f28ac09d91712e424f641edf3b4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "5ba0acae-46ff"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IhXRuuVzaRTbgCxDkMVdgW2ndEohS6MMhoZT3FpB9g0K7wIh3NfjloYc%2FVEA0QaPjOPEEnys0WvqNqeEiWgRahwP2IwdQ3HDPi6rsE0ncGcS0MA5I7dftvt9jPtyVPzpN3SBJz0PalY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=55
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Tue, 18 Sep 2018 07:43:42 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abcb02b5-CDG
accept-ranges: bytes
content-length: 18175
server: cloudflare

GET
H3 200 logo%20jili.png
file001.nxtengine.net/open-img-pub/providers/ 23 KB
24 KB 119ms
110ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20jili.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787762fad0d3eaff0cb3f380ad64623333bc48d50dde7c26162e0da781657c88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "657a6567-5df0"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6%2BlpGcGxAe8KJZ306BQzf7rzknMBv52L2RMzxpNsvfisw2b9EHuqLsLa4YXJVm4wQdO3jwhjOPaUuRmG2gaH1i7fwe82UPx0tqfYTUbVuVqmLW%2F5%2BmAqpVdkGe2M%2BNRrIUjPT7J6TOA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=58
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 14 Dec 2023 02:16:07 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abcc02b5-CDG
accept-ranges: bytes
content-length: 24048
server: cloudflare

GET
H3 200 logo%20kingmaker.png
file001.nxtengine.net/open-img-pub/providers/ 47 KB
48 KB 119ms
110ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20kingmaker.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a161a65a1bb2ac1f62763d9597ffb19ec5612608b8194e6b60d0023172413a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "658d44a0-bbc7"
age: 3407
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xtBAumkW6zoTcSNcncuU5SWX%2FeP2qLLHbXn0JuDeeDTEQCgDJ5cY2V0umDcRoM05vxHPGYK5Hv%2B1EMfti4w%2FUtFoVsdts4VO%2BI6rpZ%2FK9d%2B1h74OgS%2BDo%2F9H1A%2B3hdkQySw477k9ZD0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=58
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 28 Dec 2023 09:49:20 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abcf02b5-CDG
accept-ranges: bytes
content-length: 48071
server: cloudflare

GET
H3 200 logo%20sv388.png
file001.nxtengine.net/open-img-pub/providers/ 20 KB
20 KB 120ms
112ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20sv388.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b9b8aba5ce0570b9c98dfbe890adec33e839852f041c150a9845c12df3d458

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-4ef0"
age: 3444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SD%2FyR7JbHNam5R08Hec1oRwR%2FJ45yjcHddzLm0qSFyKvVSSCN%2FAFyAWIbokCOL1jqfGDoDVXZHDznTvTMy0NTdZb3aJQuddi7cElXP1y%2FjjCBd3X7hTF4EKaiJMWHdvh83PQ22ol5%2FM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=55
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd002b5-CDG
accept-ranges: bytes
content-length: 20208
server: cloudflare

GET
H3 200 logo%20venus.png
file001.nxtengine.net/open-img-pub/providers/ 39 KB
40 KB 121ms
112ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20venus.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08adeb168367052abe57e4a34f70bfa13af7c01bda0e1e750b9c51def0b3bcc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "65952d21-9d2c"
age: 3444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23odStyF%2F1iJ9mAvI2du6W%2F0n08jb9p5vsTDiiKMoWM0CeIhz5iw5MrMHbebQ1fD0rmWm3NKwF60ApTQTqPPNfrEAUv1QCfiSnaHIFm%2FS7dVoN01%2FGKVNpyi7GGHvjiPQdrbfJ7Fgls%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=242&recv=164&lost=0&retrans=0&sent_bytes=245455&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=699&x=1", cfExtPri, cfHdrFlush;dur=43
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Wed, 03 Jan 2024 09:47:13 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd102b5-CDG
accept-ranges: bytes
content-length: 40236
server: cloudflare

GET
H3 200 logo%20yesbingo.png
file001.nxtengine.net/open-img-pub/providers/ 19 KB
20 KB 123ms
115ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20yesbingo.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 866f12547e61b95f853d5645e2cb05c0a736e87965afb737632f37f09bea583e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "659542aa-4b75"
age: 1050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nX5Lt0ygot05j2qtGlksd9zGwZVGXdvup4J52FuOJgQftrH997AAO1FyXTNft35WC3tthdYqgvbMEKw1nd%2FUSb%2Bj3%2FLZuz%2FvKTXIor3f7jjNtTS8IIkPBRCy86olwe%2BxoeKG89TLKME%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=57
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Wed, 03 Jan 2024 11:19:06 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd202b5-CDG
accept-ranges: bytes
content-length: 19317
server: cloudflare

GET
H3 200 logo%20ludobet.png
file001.nxtengine.net/open-img-pub/providers/ 33 KB
34 KB 123ms
115ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20ludobet.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d389189262517931a140ab8ba346893648ede6279b3fe68b81d4c8228223dc62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "658fdd5a-85cc"
age: 5580
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDd0%2BFduIgLclUBlOnKrun1sr5sBBIHw%2B%2B0kHTuugzyDkVcHchzac1ggwWXPrNL1g%2F%2BTZSWTfXjuUjyOwX810eyF40YGtx8CP58aJ1vEZLKTZhdxtjHC%2B%2BimZTUnCRDdtN2XkSozDoM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=60
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 30 Dec 2023 09:05:30 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd302b5-CDG
accept-ranges: bytes
content-length: 34252
server: cloudflare

GET
H3 200 logo%20hg5.png
file001.nxtengine.net/open-img-pub/providers/ 48 KB
48 KB 123ms
115ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20hg5.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0db2fe17828ac77ead4c507e5b2b934a86ce3017cc580284f8f69025647ca33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66b9f276-bec7"
age: 880
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kb9zVAJlUXJ96YViscAOsq2LxR1tPc%2B7swjOgLNm3oY%2F2OwuNEaZxSbZ4rPXOGoYuPTtDsiqGZGyzc3CuqaglNcUjZCZuTxMlP5Hhj1zA%2FFX6oL4DrDP3xNNNIwXcmoY53wJ1kjR1IA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=60
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Mon, 12 Aug 2024 11:31:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd402b5-CDG
accept-ranges: bytes
content-length: 48839
server: cloudflare

GET
H3 200 logo%205g.png
file001.nxtengine.net/open-img-pub/providers/ 5 KB
6 KB 125ms
116ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%205g.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de37d32d58fd51ea5feeaf2f51c0a9809f8f0425be4cafd77161d7778d441d70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "66c9ec34-14fe"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w88d8rJXkFJz%2FL5hbS53HZC8icuM5aLDogbZyXCVBHlmJRbTHCdRn5WclLpWAlFSIdE9ykTjYHWtymXACEdurohcRLdE%2BOdNeMayAKpxPh29ba%2FtyRBiFJ6Qq9uD8AQHypIpDPKODOQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=57
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 24 Aug 2024 14:20:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd502b5-CDG
accept-ranges: bytes
content-length: 5374
server: cloudflare

GET
H3 200 logo%20wmcasino.png
file001.nxtengine.net/open-img-pub/providers/ 14 KB
15 KB 125ms
116ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20wmcasino.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebff3dfe531f093ceeabc073a5cfae54d4860921bd629fdd82aebab116bd324f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-37c9"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcYEdLBObaGXnkZbscY6x0fLS1Z1Ymlk6gSyt4dN7LwWwKEvilZ28by3YYsUywJ4pMP%2FvCbZBVgUt63qneq%2FVHpzz2RGJ2QKppUj8fZacsD9TmNqlOxGHY0QexZKSJ6PLSiRvVk2ySg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=60
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd602b5-CDG
accept-ranges: bytes
content-length: 14281
server: cloudflare

GET
H3 200 logo%20sbobet.png
file001.nxtengine.net/open-img-pub/providers/ 17 KB
17 KB 125ms
117ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20sbobet.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 917c65c9ba358e27cd1e48c64a1e97dc333ea857f51b1fd9577280919924b8f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-4313"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXyMPUhRz6LIaKWSQssSgsBqK72omTdIuDXNyoX%2FlfkbHUOmn8hCw4DXzfbzMKAszMX1drYeKT8wa%2FBSMObGto%2F59VMHLzMnAyojTLh8SLoE4nOiosYu6Jd%2FDnzRsamDr0bxU9%2BjPBc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=186&recv=163&lost=0&retrans=0&sent_bytes=179626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=684&x=1", cfExtPri, cfHdrFlush;dur=60
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd702b5-CDG
accept-ranges: bytes
content-length: 17171
server: cloudflare

GET
H3 200 logo%20cq9.png
file001.nxtengine.net/open-img-pub/providers/ 12 KB
13 KB 125ms
117ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20cq9.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3712c2a04e32cd8c85c91000ef29b654aea04a5a4bf65cab83994187d3089fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48e-2fcf"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taj9pDjx%2B6NSjtHZOX3WY7MMizYRscBuzZxSDD0PxfCu9UmD55AHjjqL9Kh2lrEv6G3N0eaKvefnKyR5Uy42e7hb2bTfHPqFRbFtPQSAMb9Yd0VbuxaWv94pcJ8YQse6pYvnymstbbQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=226&recv=164&lost=0&retrans=0&sent_bytes=227626&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=692&x=1", cfExtPri, cfHdrFlush;dur=52
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abd902b5-CDG
accept-ranges: bytes
content-length: 12239
server: cloudflare

GET
H3 200 logo%20sexygaming.png
file001.nxtengine.net/open-img-pub/providers/ 18 KB
19 KB 125ms
117ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20sexygaming.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed42b2d6283dcc182af11b0ca71d180620bd3700c32be4b6f7ff403e049b084

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-4975"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8OiF07YmJKsTOr23YTzisBjgTqD8MPU8UCCE8z%2Fo4h8BML8Kg3s8jXrEJdHtJNP50MwKF7e6qnZr1JE4MLvDiBuxBu2%2FkDpr7AcC%2FbrJ0yVPn6uoJgZSJWrcMSjSpo%2B7iOFrnd6raU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=57
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abdb02b5-CDG
accept-ranges: bytes
content-length: 18805
server: cloudflare

GET
H3 200 logo%20joker.png
file001.nxtengine.net/open-img-pub/providers/ 18 KB
18 KB 125ms
117ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20joker.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec995175ea5d52dd1d650a15897b1f24d8a204d290e493c3da50a00f171a83b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-4723"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swTWRupB%2BZQhibcifW7WKGD7oZztX0S%2B4be5e7ebCjAoj3CTF%2BHiPm4wyUKwQJrBv5eBpHUpCI9zIEcD1%2BmCPPb0TjOYmfFmpeKoUFkRG7U2lvyIckB8%2BcaFcFJGIyiSchVXFswZlhs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=58
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abdc02b5-CDG
accept-ranges: bytes
content-length: 18211
server: cloudflare

GET
H3 200 logo%20realtimegaming.png
file001.nxtengine.net/open-img-pub/providers/ 8 KB
9 KB 127ms
119ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20realtimegaming.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f933850a2963f86bd8f4a6229e1421c28a40d8c8e9daa7d74517fef1ee1ccbb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-216c"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbQghhey%2BiJEtMuPgInT5Ntv1IVEppE5HNI%2BJVAXGdi%2FsuuNMBfgx%2FUE9T4avLVYIoX2kvsvnzhMpZuwWkC%2FnOOOJqaATbwH7ieFrXKWTLYxs6APUjliF3Hmlj7UjxAF62sZditMis8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=58
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abdd02b5-CDG
accept-ranges: bytes
content-length: 8556
server: cloudflare

GET
H3 200 logo%20ioncasino.png
file001.nxtengine.net/open-img-pub/providers/ 21 KB
22 KB 127ms
119ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20ioncasino.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c45b9157d5973925eb10755684b6863f058f4a55aff874447a0f1e66670f10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48e-54e1"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNCIY38YBXQwLOPEZbF8f0rneZ%2FwuRQhxVwyWiehcSbCMu9B72fhSjP%2FpNAr58XonlghE2NnXxGph9cQRbyzwmq3lEI2BzWtJ%2F5Ja7QVrlykaJMYsyc92umGWska%2BoczG54moSrzH00%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=58
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abde02b5-CDG
accept-ranges: bytes
content-length: 21729
server: cloudflare

GET
H3 200 logo%20worldmatch.png
file001.nxtengine.net/open-img-pub/providers/ 13 KB
14 KB 127ms
119ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20worldmatch.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f9b73ecd493b55016df0180e7be8e5158d810257041483886813851c7d40f9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-342b"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2BvCiuTtQZbKyCUVvyBK%2F20NlUxhMmF2jfh9PrxBgoVqdvnTDWaWtnosAPxklisUDfoepbvFQbUrH%2B2uUN8ltwavmo6nVO4zLAJtWhRCtyRZqXUnII36cF7P0NdG6x4YDDlCFoK0T%2FU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=216&recv=164&lost=0&retrans=0&sent_bytes=215626&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=57
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abdf02b5-CDG
accept-ranges: bytes
content-length: 13355
server: cloudflare

GET
H3 200 logo%20funkygames.png
file001.nxtengine.net/open-img-pub/providers/ 6 KB
6 KB 127ms
120ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20funkygames.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f906e028002f0907dd56c42c1773417d1c5fca7c470484b0af022db44670beea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48e-16da"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oH%2Fhl9hYMKj4gxF9C%2BHmdsPmAXxVF%2F6P3Vnlc9fKk2jimssUw0iEstjbS7mktsP49motH%2FhGejUz5%2Ff%2FzVowjVeVwi44qSHGGP3grTLToifM6XWI9OlVfh7XQZl55G4KOG7uEzElE0Q%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=242&recv=164&lost=0&retrans=0&sent_bytes=245455&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=701&x=1", cfExtPri, cfHdrFlush;dur=45
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8abe102b5-CDG
accept-ranges: bytes
content-length: 5850
server: cloudflare

GET
H3 200 logo%20sagaming.png
file001.nxtengine.net/open-img-pub/providers/ 10 KB
11 KB 127ms
120ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20sagaming.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b998f34c985f2978d199ecff055db008509416a9075e14bf940d6f10997f68

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-2887"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhBuXHb9c0TfTKdhVGOTfWJxoGrgge7JOA43hu4i40ynaSTclbVUHiQ6ubM4GWMuyv%2FNpVACSkz7c%2BcupElyh3mOmNBReZfIIZwM3m7SLHznd8Mp74lF6ZNLsQtJfJt7UUREB0wOd4U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=59
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbe202b5-CDG
accept-ranges: bytes
content-length: 10375
server: cloudflare

GET
H3 200 logo%20allbet.png
file001.nxtengine.net/open-img-pub/providers/ 9 KB
10 KB 129ms
121ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20allbet.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9655badef1fa41ecf6fe8e5b1c236c6f8a224047b0c475bf7937112b7ee66485

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48e-23b7"
age: 551
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BHf1vAbDAMwLLWo0as%2F%2Be1PEBqWjbjT0RhTIpdbNwWjjJb0RTtnTbHBjL%2BuIPNwKjgfPqiY1p8DYoSaqCHtyzadiEKlf1nFco%2FR9%2FDmYX91yhoeymiXN%2Bvuz6YPpXIfxe5qiayHRPs%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=59
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:02 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbe402b5-CDG
accept-ranges: bytes
content-length: 9143
server: cloudflare

GET
H3 200 logo%20microgaming.png
file001.nxtengine.net/open-img-pub/providers/ 18 KB
19 KB 129ms
121ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20microgaming.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf35738cf4434e3e7550e76040b49e206fc3d66d44e71440261aec405629e88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-4987"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2FvFUkAF7Xn4DuQGV8oHepv73YFKZ2R%2BtWeimj5ctHOLi2BdTVMZae4Oh9V6O4qrIIfbC3bXHwTRibRdSje6NG%2FFbVPqIAaAnByENoX6q8oi1xkCwJ4i1X2910gTkc%2BSnsTNAULqlMA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=242&recv=164&lost=0&retrans=0&sent_bytes=245455&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=697&x=1", cfExtPri, cfHdrFlush;dur=49
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbe502b5-CDG
accept-ranges: bytes
content-length: 18823
server: cloudflare

GET
H3 200 logo%20saba.png
file001.nxtengine.net/open-img-pub/providers/ 18 KB
19 KB 130ms
123ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20saba.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79753ce70048b90233e874a2c040c85d79e2e74f26b62d134b7c9b919ae191c7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f48f-47f7"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9eUH%2BLVrsQR6cTZEu3J%2F3ZlXXHcCysJssCaOjuYyD3yneK%2FFQLVYHbUhShvq7VMSTEZA2t6BH%2FO3RhQfrFNf3zTiBLJMZ9taoMGZhcCqqniQsfrdNFH2mhsxb%2Bsh%2FXcKGbVblzGI3kE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=206&recv=163&lost=0&retrans=0&sent_bytes=203626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=58
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:03 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbe802b5-CDG
accept-ranges: bytes
content-length: 18423
server: cloudflare

GET
H3 200 logo%20ygr.png
file001.nxtengine.net/open-img-pub/providers/ 14 KB
14 KB 131ms
123ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/providers/logo%20ygr.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81ed276101980705f21c71bf0bd599176483da632ba566ffd79fa534cb7996cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6555f490-362d"
age: 880
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYaSGAR8xP9YT%2F4qr91irVAkIo%2FlroJjSaftoei69xHyQBoqq0GJZ29tQ3vWcDYm%2FiME8fj5J%2FdMSALA7L19f61x66VqUW1%2FbG3gaen7fa4%2BkeemAmx6cDv6QT2pFYOuuPJk9JrSEx0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=60
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 16 Nov 2023 10:53:04 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbea02b5-CDG
accept-ranges: bytes
content-length: 13869
server: cloudflare

GET
H3 200 BCA.svg
file001.nxtengine.net/open-img-pub/nxt/banks/ 4 KB
2 KB 131ms
123ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/BCA.svg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dbf35249ae8c8ab8e836810cd9071da005d2ed902714482304a4053249f5b96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62050e35-f45"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Sap9z9CeLR7zCfVXxJ%2BghaC5hRChnXJCR9awMGfShk5pkSsxFuTbrvCM%2B9pyIkFs%2FquFqDohBATjQRYkppdZhCEku%2F2agRxxfDODM1GbJebIKAHo2tXGafLff%2BBbiSPG70wm83%2Bpy4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=206&recv=163&lost=0&retrans=0&sent_bytes=203626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=59
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Feb 2022 13:08:05 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbec02b5-CDG
server: cloudflare

GET
H3 200 Mandiri.svg
file001.nxtengine.net/open-img-pub/nxt/banks/ 7 KB
3 KB 131ms
123ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/Mandiri.svg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83af03fc3771a02113160d6e874140e11ffa6f826b8112d808a371fe41a26796

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"63c3bd03-1d2c"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irafGmKUecxOBC3OJVcoddoihLFkOeGWx4Gs%2F8Sw346%2FUUDWnHZmYiWET07m1QWG3SMsWj3883wXzWY30eW69JcirUH7NxFtcitnJ6gNO6tnOnh1x0o5TX2loYHIYR3jBC0bNKCxk8o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=196&recv=163&lost=0&retrans=0&sent_bytes=191626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=687&x=1", cfExtPri, cfHdrFlush;dur=61
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/svg+xml
last-modified: Sun, 15 Jan 2023 08:44:51 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbee02b5-CDG
server: cloudflare

GET
H3 200 BNI.svg
file001.nxtengine.net/open-img-pub/nxt/banks/ 2 KB
2 KB 131ms
123ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/BNI.svg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 915460452e35da02503f19948c58f370c2b9c050e596ec34eb614508eea1bc5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62050e36-757"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FGIRg3L2JvaCPiNVVYin1EzebuwZFwSRiPfvUnNc31CJLmPHODY%2BUinJtxhPejIxPGFMfporic6xHgs4%2BvsPWaRLpOTrOwHPpvR%2BMhXsAylwI4AIq4sZ%2FcQnWo6oq6%2FZwFxqUSNPQE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=226&recv=164&lost=0&retrans=0&sent_bytes=227626&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=692&x=1", cfExtPri, cfHdrFlush;dur=56
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Feb 2022 13:08:06 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbef02b5-CDG
server: cloudflare

GET
H3 200 BRI.svg
file001.nxtengine.net/open-img-pub/nxt/banks/ 4 KB
2 KB 131ms
124ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/BRI.svg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3d6188fbc7665888469bb910c3be8d878ded3c208d1e77f39228abfa94ae79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62050e37-ec7"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQsx7epB7oKk4kdIpDbQcApLiE3%2FiLVD2xx62g1RXq3pVL9nf0BRsL7Xk6X8UYEloD2X5JDoztDjZXOKXgMtk18sm9vNilM2RFd0wofyKbdk4qMqqxhFXiBCFGPe78PWOQMnYvLiwqg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=216&recv=164&lost=0&retrans=0&sent_bytes=215626&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=59
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Feb 2022 13:08:07 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbf102b5-CDG
server: cloudflare

GET
H3 200 Gopay.png
file001.nxtengine.net/open-img-pub/nxt/banks/ 8 KB
9 KB 131ms
124ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/Gopay.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa4ff57362031b65d706ac778e19f07689b6cf3461bda1e20374729c683e14d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "63379f08-2031"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMPFqct0JDIUS%2F4Nq4jAKaFEV6tgmiz6CVBbKAeJW%2Br1RGVdlDWuA2z4f1DgvlnTpJRhCow67ygBwwqIjOI7%2BmSUMUBNs%2FkQTlgFCnHq3g5bclAMiHRXLO2H78A9t%2FYeMJTD3S1iWCc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=206&recv=163&lost=0&retrans=0&sent_bytes=203626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=59
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 01 Oct 2022 01:59:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbf302b5-CDG
accept-ranges: bytes
content-length: 8241
server: cloudflare

GET
H3 200 ovo.png
file001.nxtengine.net/open-img-pub/nxt/banks/ 33 KB
33 KB 131ms
124ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/ovo.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbdec9a8b709218de3b0b00c89763063b3f321be4dfd3013d06ad3455fb0960

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "6337a0ab-821c"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QvpWrjLr5PYwIhhqVBbwWaHdeGVH25xYzkP7Ix6apAgzvv%2Fm402LWQ4BBBdeoXWQzZtbxWljqgnmJxpTh6GuOAN98%2Bv2fhc9aK52A9vXDuUeu4e2B9brRLFgCoFktaaqJog8XMwi3rg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=206&recv=163&lost=0&retrans=0&sent_bytes=203626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=59
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sat, 01 Oct 2022 02:06:35 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbf502b5-CDG
accept-ranges: bytes
content-length: 33308
server: cloudflare

GET
H3 200 DANA.svg
file001.nxtengine.net/open-img-pub/nxt/banks/ 2 KB
2 KB 133ms
126ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/DANA.svg
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba50dbb89f91c68e3ffa2aaa0bab7f641fcf4bf01217342909ee9d7ab35513c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62050e39-88d"
age: 2736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8YTbnQNFoyJBJDbDAHTq%2F1pVMAIy7m1L1QeRHxWjGlsBLBy8q1S0cUL4Ga8kZIxYro8lBv8MpaVLGinGBPDYqZH9LU6Xik%2FvwbCO77i0rbn6RSI1%2BKFabds3f6XXeIwao4GwJBY%2B1I%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18188&sent=216&recv=163&lost=0&retrans=0&sent_bytes=215626&recv_bytes=42292&delivery_rate=239199&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=689&x=1", cfExtPri, cfHdrFlush;dur=60
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/svg+xml
last-modified: Thu, 10 Feb 2022 13:08:09 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbf602b5-CDG
server: cloudflare

GET
H3 200 telkomsel.png
file001.nxtengine.net/open-img-pub/nxt/banks/ 17 KB
18 KB 133ms
126ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/banks/telkomsel.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e94cb81927cbfe2e61fc631d786953bb62c95fc60aa2154db4602cbde347d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "63c3bf14-44f5"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2GLogTqypFbc1LsbmMCew0Uc0vO8Ik8QyS1xyFBMk7FcL%2BgUEDYitEqTAC4Ax9rIip4XrrL1faItatO4Le27VYRnFiQJkbrFTp5DHFNT%2BmkZFbsh6fhJmXM8ZUu2jwwTfdWUV0NXZpY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=226&recv=164&lost=0&retrans=0&sent_bytes=227626&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=692&x=1", cfExtPri, cfHdrFlush;dur=57
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Sun, 15 Jan 2023 08:53:40 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbf902b5-CDG
accept-ranges: bytes
content-length: 17653
server: cloudflare

GET
H3 200 login.png
file001.nxtengine.net/open-img-pub/nxt/category/ 4 KB
5 KB 133ms
126ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/login.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d54669c20d6994a0024188af9f16a16060b9b935b66e565221f62284b1236ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "645c6fdf-10db"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSu2oYqrv%2FGS6ltEiucdz%2FJrFXLc%2FBOhNR9gkabkaaNy0OIG5xfEYv6RPYZSwNeR5k4C7Id5USVeZk%2Bxjf2Ql9fkqKfL8tg57edPBwDXvWihkp4Y%2F%2FXf6gnpjNSxgpsJbONS6j2s9RY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=234&recv=164&lost=0&retrans=0&sent_bytes=237085&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=692&x=1", cfExtPri, cfHdrFlush;dur=57
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 11 May 2023 04:32:31 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbfb02b5-CDG
accept-ranges: bytes
content-length: 4315
server: cloudflare

GET
H3 200 register.png
file001.nxtengine.net/open-img-pub/nxt/category/ 4 KB
5 KB 134ms
127ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/register.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e855dfb56bcf66e4dc1ee4c33564af174587872dfa6281e7b69ed5b957f9683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "645c6f72-1181"
age: 754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35gkG1x0iaGD6PO4jWXHZWJXvEG1cE8aqnSvRxxRJvik72p0JsSbvvUs0Y%2FoHwB6xfbePTawCw2QG4m16ooKqa%2BCXdvhL5IlMRDG5TuPJsF4R5DGwkYxpfhGCtJgzFG7KOcqL8E2N40%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17246&sent=366&recv=170&lost=0&retrans=0&sent_bytes=387297&recv_bytes=42930&delivery_rate=1260548&cwnd=147300&unsent_bytes=0&cid=0082a9776fa78872&ts=711&x=1", cfExtPri, cfHdrFlush;dur=39
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 11 May 2023 04:30:42 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8cbfd02b5-CDG
accept-ranges: bytes
content-length: 4481
server: cloudflare

GET
H3 200 chat.png
file001.nxtengine.net/open-img-pub/nxt/category/ 3 KB
4 KB 131ms
93ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file001.nxtengine.net/open-img-pub/nxt/category/chat.png
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f281eb487a354c1f67d5d2ac492146ad9c11db8049ad935139f7a00c02d56632

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

cf-cache-status: HIT
etag: "645c7348-c19"
age: 4886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NoK1ygjqXXkfRaLo7iLSjhnXFYz9wyfl0t5AcESv%2FraQmosNWrRPZRpxi60%2FkeO10BfIZxT%2BkTAGOhQt0cQKKp8vPCIt%2BopbXKeEBG2ORiNW0S9hGGxc2lyNeCQv6sg32wLODnrxGM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17903&sent=242&recv=164&lost=0&retrans=0&sent_bytes=245455&recv_bytes=42666&delivery_rate=239838&cwnd=76500&unsent_bytes=0&cid=0082a9776fa78872&ts=700&x=1", cfExtPri, cfHdrFlush;dur=50
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: image/png
last-modified: Thu, 11 May 2023 04:47:04 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8ec1802b5-CDG
accept-ranges: bytes
content-length: 3097
server: cloudflare

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 211ms
121ms Script
application/javascript 23.213.161.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS160ORC77UF26CUB5U0&lib=ttq
Requested by: Host: garansitombak.cfd
URL: https://garansitombak.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e48311007ac597c41f8014c615ae4a0c03df395b7c8e06ec42be746d4a266b36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a23-48-100-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires: Sat, 02 Nov 2024 05:00:41 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=8, inner; dur=5
x-cache: TCP_MISS from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 3e45a6bd.4e290bf6
x-tt-trace-host: 01481e7357d79d0549bf363a9d94c0f2d1ad5c0e3293fa49b2b2d67fcf1b0ccb43caba4ea6ee347f1a2f2b8bdb060cae21b45d4a2d3a9b83b39c5e372ed38864ed4c68e74756c6bf00dfdec2eabcf0c4182eca9a484f532624a327c5c7064d135106e93aaf0683b2ef591939b942661d25
x-origin-response-time: 9,23.48.100.133
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241102050041B09F6F42A473A03DD1BF-2ECCA0505FAFBE12-00
content-length: 2240
x-parent-response-time: 95,23.213.160.219
x-tt-logid: 20241102050041B09F6F42A473A03DD1BF
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 43ms
22ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-Y2GeTPv4' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:41 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Y2GeTPv4' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4463, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: yz/L9dmP6Um4SHLRgwmi9XRn9nJ4RT7zA05oqydhvS9ngzUwrz4dt17wYWjntBjN6cvmsrRpOABN8a0xdiBQuw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 43ms
15ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://garansitombak.cfd
Referer: https://fonts.googleapis.com/

Response headers

age: 315719
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 13:18:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 13:18:42 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 bootstrap-icons.woff2
file001.nxtengine.net/open-src-pub/bootstrap-icons/font/fonts/ 127 KB
128 KB 691ms
678ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/bootstrap-icons/font/fonts/bootstrap-icons.woff2?dd67030699838ea613ee6dbda90effa6
Requested by: Host: file001.nxtengine.net
URL: https://file001.nxtengine.net/open-src-pub/bootstrap-icons/font/bootstrap-icons.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476adf42b40325098fcfa8b36ab3e769186bb4f6ce6a249753e2e1a9c22bf99e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://garansitombak.cfd
Referer: https://file001.nxtengine.net/open-src-pub/bootstrap-icons/font/bootstrap-icons.min.css

Response headers

cf-cache-status: MISS
etag: "663331c8-1fd5c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1dRUKFCKtsLFhb9xm4X0uIZnfNu%2FCQg%2BhalTMpUDyBMIE0OfWKdiLuyVTpvKSNOM8tweQy9F9LRGmEx0yBwB2CsiEucI3saZrD2a712blVCuBEQ%2FwV3aQoBdXywzCzvKU%2BcHNJLRhQ%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14709&sent=32&recv=24&lost=0&retrans=0&sent_bytes=29325&recv_bytes=6085&delivery_rate=436806&cwnd=24000&unsent_bytes=0&cid=f0076682dd204b11&ts=660&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/octet-stream
last-modified: Thu, 02 May 2024 06:25:12 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8d9e1a06a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130396
server: cloudflare

GET
H3 200 fa-solid-900.woff2
file001.nxtengine.net/open-src-pub/fontawesome/webfonts/ 151 KB
151 KB 766ms
754ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: file001.nxtengine.net
URL: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://garansitombak.cfd
Referer: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css

Response headers

cf-cache-status: MISS
etag: "65b64b80-25a74"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHKpS4jMsQBKHcxpJ3NMqNVNr551%2BSnSBHx4F941Is68pdU1P3GurLBQ9mcZ6LNtrnO8Egr8nFcNW1raL2D%2FLP2BfiiTjBHO%2BB0cs3TxHtod5y2B6DGpZlOI%2FQINAQyDk1x7Qzusn4w%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18018&sent=74&recv=45&lost=0&retrans=0&sent_bytes=78250&recv_bytes=6996&delivery_rate=756985&cwnd=38400&unsent_bytes=0&cid=f0076682dd204b11&ts=729&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/octet-stream
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8d9e8a06a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 154228
server: cloudflare

GET
H3 200 fa-regular-400.woff2
file001.nxtengine.net/open-src-pub/fontawesome/webfonts/ 23 KB
24 KB 612ms
600ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: file001.nxtengine.net
URL: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a274e7629c0d71dcf8cab1e7733687ebfe32e2c53b4ca9fad050b4f1d5471f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://garansitombak.cfd
Referer: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css

Response headers

cf-cache-status: MISS
etag: "65b64b80-5d84"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BFvXUsIT%2FE17ZvZw2GQ54AlTelFJky8qPTe5NgtutdF2BJSky5grxMEcMQAljrDmAj757m1we4dhXBD1tCQunHnunYM2tRFTXspNGfnGBiORZYeXYxg9ZveL215FApXFQy%2BxxfkYGxc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7340&sent=11&recv=13&lost=0&retrans=0&sent_bytes=4147&recv_bytes=5611&delivery_rate=860&cwnd=12000&unsent_bytes=0&cid=f0076682dd204b11&ts=583&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/octet-stream
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8d9e6a06a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23940
server: cloudflare

GET
H3 200 fa-brands-400.woff2
file001.nxtengine.net/open-src-pub/fontawesome/webfonts/ 103 KB
104 KB 857ms
845ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file001.nxtengine.net/open-src-pub/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: file001.nxtengine.net
URL: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://garansitombak.cfd
Referer: https://file001.nxtengine.net/open-src-pub/fontawesome/css/all.css

Response headers

cf-cache-status: MISS
etag: "65b64b80-19c40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v9pF62W5O%2BopJ5EMawK6E7Ol%2F%2FDIq0bK1ExEgmp3BjqYDfqoYfBQJsiI%2BE2tfrgZzOU%2Fot2Qjz7IPop3OOX06Q3nxLQJEM9%2BN3%2FxTevKGb0BRhnQw1%2BAPxNr2EDlIzXxlCR6SpVxx64%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18018&sent=101&recv=45&lost=0&retrans=0&sent_bytes=110382&recv_bytes=6996&delivery_rate=756985&cwnd=38400&unsent_bytes=0&cid=f0076682dd204b11&ts=745&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/octet-stream
last-modified: Sun, 28 Jan 2024 12:41:36 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dc18ff8d9eaa06a-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 105536
server: cloudflare

GET
H3 200 MJW%20BONUS.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7LDCOT5Ab-oI4Z3Fkzksy6vMj82bn8X77mhSWtDye9IaRcDwMzFRgkKEfwHs822TN68_lcxYyRQtuvRSA7blg2ZVPoRWCJ1BZ8LeLUTa1BOPDiAJpZts5vKINwnr62WX7mgoOb3feqtyJVmsP... 288 KB
288 KB 474ms
472ms Image
image/gif 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7LDCOT5Ab-oI4Z3Fkzksy6vMj82bn8X77mhSWtDye9IaRcDwMzFRgkKEfwHs822TN68_lcxYyRQtuvRSA7blg2ZVPoRWCJ1BZ8LeLUTa1BOPDiAJpZts5vKINwnr62WX7mgoOb3feqtyJVmsPAf5lc529GVwDiHqGevNbTPDBghLI3sBzk8rrlOBojom5/s166/MJW%20BONUS.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

6dba2907b9db3c034135226ec9692623388b13551615e1d66de832f1d5cb3a14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v20b"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 294686
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="MJW BONUS.gif"

GET
H3 200 MJW%202%20%20BONUS.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnfLdf6EWgdZFJp1f1qv9xp4GCVc8gpQKwzJU8Z_L7BR_vca75iezR5TgfRG8Ac-dVb42njrbhepmnmdT6JuG2hJNvPMFr8WnhV29jHLSq9EIBKGmVOqI_cWvBVwf6IlqkNHTa9OSCE5DegkuG... 690 KB
690 KB 353ms
351ms Image
image/gif 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnfLdf6EWgdZFJp1f1qv9xp4GCVc8gpQKwzJU8Z_L7BR_vca75iezR5TgfRG8Ac-dVb42njrbhepmnmdT6JuG2hJNvPMFr8WnhV29jHLSq9EIBKGmVOqI_cWvBVwf6IlqkNHTa9OSCE5DegkuGOSj0Z4VOCs55bWmHPgmtEqT6zrsR0-35uXync39W2a-G/s166/MJW%202%20%20BONUS.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

7eedc042e4653629e4df416f72b6db88925d1f69b058b1c2bfa90673d36cb8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "v20b"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 706325
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="MJW 2 BONUS.gif"

GET
H3 200 GARANSI%20LOGO%20BANNER%20PANJANG%20KECIL%20BAWAH.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRNq8Jf6971aG2m49H2XU7jz_noc5_x7NktnU5XDOzH9PgEIibD5AS1CmwUaPYYzoE6em-7P-VTyyvqVCMHNUMsbIdMPIFOE7WtHYKBH59YoSSWeAXgy8FiDe3-gG2nWJ9KBVvdEi_tUHGgKxX... 10 MB
10 MB 529ms
528ms Image
image/gif 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRNq8Jf6971aG2m49H2XU7jz_noc5_x7NktnU5XDOzH9PgEIibD5AS1CmwUaPYYzoE6em-7P-VTyyvqVCMHNUMsbIdMPIFOE7WtHYKBH59YoSSWeAXgy8FiDe3-gG2nWJ9KBVvdEi_tUHGgKxXLhogAFxNow-D6dG3gjNJ-45LYqOf4eGAumO7ZedIdS42/s16000/GARANSI%20LOGO%20BANNER%20PANJANG%20KECIL%20BAWAH.gif

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

fife /

Resource Hash

2bbffc0ab9680d065980eb4838cd0afd6a29089a902f276874e0c64a14e857fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
etag: "vfa"
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 05:00:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10454695
date: Sat, 02 Nov 2024 05:00:42 GMT
x-xss-protection: 0
content-type: image/gif
vary: Origin
server: fife
content-disposition: inline;filename="GARANSI LOGO BANNER PANJANG KECIL BAWAH.gif"

GET
H3 200 EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2
fonts.gstatic.com/s/sairacondensed/v11/ 16 KB
16 KB 30ms
29ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v11/EJRLQgErUN8XuHNEtX81i9TmEkrnfc9Q962f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Exo+2:wght@700&family=Saira+Condensed:wght@600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://garansitombak.cfd
Referer: https://fonts.googleapis.com/

Response headers

age: 221789
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:24:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:24:12 GMT
last-modified: Wed, 27 Apr 2022 15:12:17 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16832
x-xss-protection: 0
server: sffe

GET
H3 200 901009575169633 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 148ms
147ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/901009575169633?v=2.9.176&r=stable&domain=garansitombak.cfd&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

e5dc92c52c76a37e1752ee6cc47888aa96d26ffcd48a7520d8a812e16fe9f561

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-XnrZWCCX' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-XnrZWCCX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=77, mss=1232, tbw=70862, tp=67, tpl=0, uplat=103, ullat=0
pragma: public
x-fb-debug: 26zKCoEYIHwrT5mYHpimoQ0uc4NZJiuJ4uoyTeNAz9hQtSdfXr7DohwyP6aXa9fhgu7qqYsJne8DJv2M6mAcfg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 main.MTJhNGMzN2YwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
96 KB 37ms
33ms Script
application/javascript 23.213.161.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS160ORC77UF26CUB5U0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-241024123508BB3970A97D23D996DB5C-4F7798554C89D38C-00
content-length: 97169
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241024123508BB3970A97D23D996DB5C
server: nginx
x-akamai-request-id: 4e290f94
x-tt-trace-host: 010d04f7d35979cc29bd1592bad9efbc34e932600ab62363d86e5a23267ef054533e74dd39547031dcb5b7ff9252f84c1b3cc975137b57f9855cce022aa2fd0e7d9ce8d8991a348d9a694d748c5760bf883618cb6df424d0d93703cc70ccc9e1f7

GET
H3 200 477103045078042 Show response
connect.facebook.net/signals/config/ 28 KB
3 KB 136ms
128ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/477103045078042?v=2.9.176&r=stable&domain=garansitombak.cfd&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

fb0367bfafa5b09ed5c6fe180ff19bb4138027ad50b3b6b48105bc5a51cd4121

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-5aTQhdaK' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5aTQhdaK' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=78, mss=1232, tbw=87038, tp=84, tpl=0, uplat=88, ullat=0
pragma: public
x-fb-debug: S9eP0mApDHC4y8oHROD5t3Ok0AbWyM4AxIDmt9M9QaUCL0nNuQXm+zolIDxDiGvEGwgqg31SmK1dcC7ZW1Ptow==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 103ms
28ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901009575169633&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642344&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=GET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=3023, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 404ms
330ms Image
image/png 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=901009575169633&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642344&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=FGET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432542448640195562"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 1ou+NWw+bJZcrVNnYWria3U4v+HB48uoQGwBODzAbIK91DrorAFfxgUs5I+cNNuckpKFeXmkw+/EFvMFg2VbgA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432542448640195562", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1297, tbw=3355, tp=-1, tpl=-1, uplat=118, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 92ms
90ms Script
application/javascript 23.213.161.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-24083002252950025D613AEAED5E2E70-5FCAA6CF46C69E27-00
content-length: 39330
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024083002252950025D613AEAED5E2E70
server: nginx
x-akamai-request-id: 4e2919de
x-tt-trace-host: 0143abac0f4003bd96af5c29253b82c47e8db99c3db24377a0ec0f593a97ff9053ed8bacb2facd45510bd70fd5888da7ef0bb467635bf5910beb0397f1ea6f235de9eceeaeab5dc847218a3c21479232eaedc14dee6e452a6b12499eec72aa4719

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
881 B 483ms
480ms Ping
text/plain 23.213.161.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://garansitombak.cfd/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-142.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 02 Nov 2024 05:00:42 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=29, inner; dur=26
x-cache: TCP_MISS from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sat, 02 Nov 2024 05:00:42 GMT
x-akamai-request-id: 76387249.4e2919df
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01481e7357d79d0549bf363a9d94c0f2d1ad5c0e3293fa49b2b2d67fcf1b0ccb43587e2550e4cdff161d08137333af64888f0002b6ab5d179fab2f39cfb69c5452f342a4ac8b0ca8430c5d87b61d30f2679b4aa633542d55ce942e1406828f253441092f3a104717386840adb2ab9081eb
x-origin-response-time: 30,23.48.100.142
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24110205004283C23D2EFF655F3E5CAF-20F9AB272EE59BA4-00
content-length: 0
x-parent-response-time: 123,23.213.160.219
x-tt-logid: 2024110205004283C23D2EFF655F3E5CAF
server: nginx

GET
H3 200 267242896471529 Show response
connect.facebook.net/signals/config/ 28 KB
3 KB 104ms
103ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/267242896471529?v=2.9.176&r=stable&domain=garansitombak.cfd&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

cdc27354a477c69df80b39f0a39d8154fb498124c6dc04c60a9b2d12c22bed8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-p3ZUgORw' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-p3ZUgORw' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=78, mss=1232, tbw=91214, tp=91, tpl=0, uplat=42, ullat=0
pragma: public
x-fb-debug: uzyz1he2BB8K2gN2KP60TGmg0OV3G8caBOrKochnMNQjsKV6F9Er5QXF13EHebuEkVVVuLqirVwkGtqDbiGzYg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 214ms
206ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=477103045078042&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642534&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=GET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=14, mss=1297, tbw=6259, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 208ms
207ms Image
image/png 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=477103045078042&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642534&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=FGET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432542447402291811"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432542447402291811", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: 0AcG/j+aI1yD1U7zUFbr6Ln3VNQ/PcEbhx6AXJ0MQBQMG6xQVh5WCiZ5wajB0BTzMbBUm2nCA2eYL6d6YNdE6Q==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=3, c=4, mss=1297, tbw=6415, tp=-1, tpl=-1, uplat=68, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 758284436231446 Show response
connect.facebook.net/signals/config/ 28 KB
3 KB 90ms
88ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/758284436231446?v=2.9.176&r=stable&domain=garansitombak.cfd&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

bf8ef0848e3bba3d609b9c5a242a078113df8e67f88a62151dd9d820b57a44bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-GSglhp2s' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-GSglhp2s' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=78, mss=1232, tbw=95374, tp=97, tpl=0, uplat=46, ullat=0
pragma: public
x-fb-debug: KAcwO4PkbTcVoJZVMwwwe7hQsYOrfyRXbUdCzbKz6wDHMVqggFJ1mLyEwb7kFdZDjdxxNhJq5kaw+qPZma0OHQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 61ms
59ms Image
text/plain 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=267242896471529&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642701&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=GET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4775, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 171ms
169ms Image
image/png 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=267242896471529&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642701&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=FGET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432542447688056561"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: VLSJ5Holc5UkZWcX1OMwg4uGDl4MbuYmrx5g52IId3nKPW6FcQQVB9ZyOgjaL5qoLb4j4oxxl9GpTuGH/UCqHA==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432542447688056561", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=4, c=23, mss=1232, tbw=5479, tp=18, tpl=4, uplat=122, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
880 B 215ms
204ms Ping
text/plain 23.213.161.204
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-204.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://garansitombak.cfd/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 02 Nov 2024 05:00:43 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=105, origin; dur=34, inner; dur=31
x-cache: TCP_MISS from a23-213-160-219.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sat, 02 Nov 2024 05:00:43 GMT
x-akamai-request-id: 3e45d64b.4e2920a8
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01481e7357d79d0549bf363a9d94c0f2d1ad5c0e3293fa49b2b2d67fcf1b0ccb43caba4ea6ee347f1a2f2b8bdb060cae217eae90300d6cfb3d4f10c5e6dceff18253e4fb9d4438143f9ab9216284bfcd721a8ec53d5517674fb46e9ac51836bbb26662a5a055ed9a0aaa628d3b83c36113
x-origin-response-time: 34,23.48.100.133
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241102050042B1FF30BBD64B903E2AFD-3D46DD87716B4077-00
content-length: 0
x-parent-response-time: 124,23.213.160.219
x-tt-logid: 20241102050042B1FF30BBD64B903E2AFD
server: nginx

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 25ms
24ms Image
text/plain 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=758284436231446&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642860&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=GET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=4, c=23, mss=1232, tbw=8423, tp=24, tpl=4, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
191 B 52ms
52ms Image
image/png 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=758284436231446&ev=PageView&dl=https%3A%2F%2Fgaransitombak.cfd%2F&rl=&if=false&ts=1730523642860&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1730523642339.734143953737729655&cs_est=true&ler=empty&cdl=API_unavailable&it=1730523641999&coo=false&rqm=FGET

Requested by

Host: garansitombak.cfd
URL: https://garansitombak.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432542448048764619"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 05:00:42 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: B0ZEKGoBw/QnS6CO0569PiRS48r7btYumk3oIVoAJiflzSA+E4lwrikKxV02UiAujeMGsvi02IJ8yQqUxu1GTQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432542448048764619", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=4, c=26, mss=1232, tbw=8663, tp=27, tpl=4, uplat=26, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 %C3%A2%C2%80%C2%94Pngtree%C3%A2%C2%80%C2%94golden%20bell%20icon%20for%20slots_6635649-1702125741416.png
user-upload.aws-s3-r1r2str0bjx.sg-sin1.upcloudobjects.com/2023/12/9/ 247 KB
248 KB 643ms
180ms Other
application/octet-stream 95.111.192.140
UPCLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://user-upload.aws-s3-r1r2str0bjx.sg-sin1.upcloudobjects.com/2023/12/9/%C3%A2%C2%80%C2%94Pngtree%C3%A2%C2%80%C2%94golden%20bell%20icon%20for%20slots_6635649-1702125741416.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.111.192.140 , Singapore, ASN202053 (UPCLOUD, FI),

Reverse DNS

95-111-192-140.sg-sin1.upcloud.host

Software

nginx /

Resource Hash

e5c394f5a36f2b80ce984f6290e29e10d9ec991845605bc2c0ef72cfddc16242

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://garansitombak.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
content-security-policy: block-all-mixed-content
etag: "04c3b878b6694ca2752bbf96ac800d14"
x-content-type-options: nosniff
x-amz-request-id: 18040E184DCC8FA7
accept-ranges: bytes
content-length: 252550
date: Sat, 02 Nov 2024 05:00:54 GMT
x-xss-protection: 1; mode=block
content-type: application/octet-stream
last-modified: Sat, 09 Dec 2023 12:42:21 GMT
server: nginx
vary: Origin, Accept-Encoding

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
garansitombak.cfd/	1969-12-31 23:59:59	Name: PHPSESSID Value: abespkfttrvet3em3sch603d2f
.tiktok.com/	1970-01-21 10:03:39	Name: _ttp Value: 2oHPgmVSp4vHNBNE8Dx4OHYYHwC
.garansitombak.cfd/	1970-01-21 02:51:39	Name: _fbp Value: fb.1.1730523642339.734143953737729655
.garansitombak.cfd/	1970-01-21 10:03:39	Name: _tt_enable_cookie Value: 1
.garansitombak.cfd/	1970-01-21 10:03:39	Name: _ttp Value: 0NYvStZM7qF9-vSpIKfLctian80

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazon-aws-open-src-pub.sgp1.digitaloceanspaces.com
analytics.tiktok.com
app-a.cdnlogic.net
blogger.googleusercontent.com
connect.facebook.net
file001.nxtengine.net
fonts.googleapis.com
fonts.gstatic.com
gambarmanis.xyz
garansitombak.cfd
img.nextgen.sg-sin1.upcloudobjects.com
lkdfvx-pub-aws-sss.sgp1.digitaloceanspaces.com
nextgen.sg-sin1.upcloudobjects.com
p670ty4f35.gcdikeagzb.net
user-upload.aws-s3-r1r2str0bjx.sg-sin1.upcloudobjects.com
www.facebook.com
103.253.144.208
104.248.147.63
13.35.58.16
142.250.185.161
142.250.185.227
157.240.247.35
157.240.247.8
172.64.151.130
188.114.96.3
23.213.161.204
2606:4700:3034::6815:5449
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a03:2880:f173:81:face:b00c:0:25de
95.111.192.140
01e3ccfba4fc94c5cd341f450987289ebef6a8e026a2a36404254aa45a75f72f
051c6cfdd89fbb99eb00864fc8ee468089de07e24fd90e41b776aadfad4449ff
06e94cb81927cbfe2e61fc631d786953bb62c95fc60aa2154db4602cbde347d1
08adeb168367052abe57e4a34f70bfa13af7c01bda0e1e750b9c51def0b3bcc5
0e1b594a56de38349cf125bb1fc77b9bfdd06a0a3eaf27bac4c17909410380b2
0f9b73ecd493b55016df0180e7be8e5158d810257041483886813851c7d40f9f
11c45b9157d5973925eb10755684b6863f058f4a55aff874447a0f1e66670f10
15899437c78e21638c231722b6e03abffb95f0be2320fc0c244efb379bb39e66
15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5
1683e78b2a506e35c314d9b61e7eb6a5d5582a63c95e1c555a0dbfe27da48137
17df7def0661c0c4520632cf848e733c886c25c52b689770b088a1e2f3497ddf
1a26e824b55e2cff3300eb109e84810f39597b30eb0027dc0b26a510387a22ef
1a7262fb32846d20fd4a9355bd2576f0c7e3c84197a21b3260ab82631d9c1587
1e855dfb56bcf66e4dc1ee4c33564af174587872dfa6281e7b69ed5b957f9683
1e92d2f18c242d540437f51413221e45f222128816f6720da7dabf4c8278a304
1ed67707199c9796bad270bc1e7e9b068508537a93e9fdae3a8c3681a8489202
20fc4e0e157a5dc9f66b07e97f1b293843840a908ba4092c291711caffeeb4e1
2313bf47fc5c4e50bd62fffdebe164d15b1a5463429acfdcc0d3836ab5ceae39
2326be32c03c1910e566eadd7229f45ed9ba81da0e2454ff6334b7b992fbca3e
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
24b998f34c985f2978d199ecff055db008509416a9075e14bf940d6f10997f68
2bbffc0ab9680d065980eb4838cd0afd6a29089a902f276874e0c64a14e857fd
2dbf35249ae8c8ab8e836810cd9071da005d2ed902714482304a4053249f5b96
2ebdfc53cff59ba0dab9d1574ada6cd154547bdd1eb684e4ddb8ebc9ee89584a
301d511a2fa372357a8cc99139279aa44068cf0b82c6d35f370e705acc2f93df
33e3d2b454356b205a70d22784c52d6f2aeff9276a887238c1c448a5ce1c206a
3407c1cdadf3702d43f427ce766a446303d9a2672b927ef5ee7bc6454a9159ed
37f889d771b5766c0b45aea7b1fdefe6732759680c3fe16f8451fa54b19135d6
38ed327bf8d2a90f8f65aefbbbddc47821dd0aefcefabcc73c63b22512b22b6d
3bd0b3cf35b523c80176a193216953076245f0a85e1e7b7c77c12304f23f1178
3f5b834d95387cdabcc7406fc5bdf59d274e44b1cb2c98f685f1a6ec73e53de0
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
40838675b2a634b0d94eced8e04a68fb66ff18b44116c640b041bd1a266bd7e4
42ceedb4d8796ab9961b9fa99eaffa106198ea604de4d4d749305077c467bb70
43fd29006b5fee88fca9eb0022f638915b18c6bd48a3ec7016d86af7d3cd75db
44de69755063ca3f634632d8c72b3087f1b78b81ac497d09674cb29d9824ecb0
45efd6b597ce7b47a91d7153d5ac5efd1bac984587e962c984e96c01e18dd82a
4689aa56b64a30ee0a6140ea62c44855ec9c4da442e47d34aec8a52b810b78cf
476adf42b40325098fcfa8b36ab3e769186bb4f6ce6a249753e2e1a9c22bf99e
49b330c4289f4b8798cae45c8f88c5dec750e79cd48a8dae2380a75d535197a1
4cbdec9a8b709218de3b0b00c89763063b3f321be4dfd3013d06ad3455fb0960
4eedb5149103e5a13b5c747237d5f0f3d44bc7c2acccc3b226f29c2a8b3eaba5
503b9f69d5efa0fa1843f008a8a5a44d2315ea0437a204687854a7d75dc4805d
5080ebfb93f1b7a47191a399d95e54b02b13bbb407769b687ec3b8a768fc76ca
50ae9db379e3791e57596c1e054fee69e579919e832ae92d8fbe4e3a52a9c90b
51ecb84fd649062e415e148cbd15dc47dbf01b65fb33c559a7b9278afa550994
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
523f3aac7d14c4f4bc098ffcd89f5ffcb4d6427dfbc108921dba9f2eca2e2643
5b562aaa1411d3173d8b772aae667bbadade77418df7b0ba68a58733a51cf92c
5b9eeb30335f6b18108d97078f104090860f28ac09d91712e424f641edf3b4e4
5df057caeaf524c7883043846c6c4762a4c974262896595be337247fb8095f44
6321a44aab61c512f3e106cadaefc5e2a5d83264045e6d02c23bf6b99dee04b5
670ac78d9467a719a853de3e4f4fe46c31419d3a5f36e5e22fe7bd9f7ca6e006
6801f9027ba5ea7297d2c5842af2fc3930e3636c5a63e371b676dfd4f874c26a
6a274e7629c0d71dcf8cab1e7733687ebfe32e2c53b4ca9fad050b4f1d5471f3
6d54669c20d6994a0024188af9f16a16060b9b935b66e565221f62284b1236ff
6dba2907b9db3c034135226ec9692623388b13551615e1d66de832f1d5cb3a14
6e405c8d3fd46ba6904768396470c14ef77817af765c789d49e7d333c0edb119
6f933850a2963f86bd8f4a6229e1421c28a40d8c8e9daa7d74517fef1ee1ccbb
72c36230f1e922dccfa91a5da5ec54bc757765891ff4e19c152ea3798b678a60
787762fad0d3eaff0cb3f380ad64623333bc48d50dde7c26162e0da781657c88
79753ce70048b90233e874a2c040c85d79e2e74f26b62d134b7c9b919ae191c7
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7b7317833a360b493450a80540baa24e1f5c3dd28e28f68be44065611bebebc6
7bc2713e7c09a8e1bfecc9e06056e661c931b78b124cf3d69ddba78aae02737d
7df6e45e706efffc6d96e5c2db9176120328a4f5939807ec2bc8e9098e4df835
7eedc042e4653629e4df416f72b6db88925d1f69b058b1c2bfa90673d36cb8d2
81261bb6ad9a60e6c88b93e959cb533df036cf595f287d42e89f15d3f96f06b8
8147e11a6b921addff5671469c94f987baa1fe8e468739e2394f38e7b960436f
81ed276101980705f21c71bf0bd599176483da632ba566ffd79fa534cb7996cc
828c2421fbcb321ff62ec71e083129c9ee013ed9cae36fe516fd16dba138b084
83af03fc3771a02113160d6e874140e11ffa6f826b8112d808a371fe41a26796
84960e3cac44e007f394f19b872e84c97893366a1cdbb098d4649580f791c537
8502d11bae5c32165979ebfc1091ec90e0175407a6c930171d34ce5e8079dee1
8568a6a1a04efc89ad95610b22462ddcc9801a88296214039bc31a3f43c19b90
85b9b8aba5ce0570b9c98dfbe890adec33e839852f041c150a9845c12df3d458
866f12547e61b95f853d5645e2cb05c0a736e87965afb737632f37f09bea583e
86e78189766cc34a53681b51492544e462c35071120bd1d02c61e2ea7ea01dc8
88a92b2728ee58c8c5147cbf16a7d757eb14d44d261545948f169254ae8edbad
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
89f989115f0fa64abd8979a7c7253f11774e3f20a3b0fe0c744f77dbc98f51ce
8b00e8bfe50231cb36fb19162224a0ab2ae161f269133a569495bb16f7f92596
8ec995175ea5d52dd1d650a15897b1f24d8a204d290e493c3da50a00f171a83b
8fad94fd4e092e114357f80fed301b21679ea04536e2988a79164d83f8821561
9032604d213d29f42622b2465daaea84a94b3084c751ee7a5437221577f96407
915460452e35da02503f19948c58f370c2b9c050e596ec34eb614508eea1bc5b
917c65c9ba358e27cd1e48c64a1e97dc333ea857f51b1fd9577280919924b8f2
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
925759777ebc944ad06902a96a1cf03b053eee689247212ecfa7da36b6a28c18
946ec1d55630578c71de414775f86d627e2ecb77b3be15101707929eea9ff2e1
9655badef1fa41ecf6fe8e5b1c236c6f8a224047b0c475bf7937112b7ee66485
99a161a65a1bb2ac1f62763d9597ffb19ec5612608b8194e6b60d0023172413a
9b39cb9fa24ef68dbfd54405407e704958250668b7c6d2bb5db3448118faaa2a
9e417c5b942b5de750e61a459390603e20e48a6dc9c0a05bdd85d5fe44bd2c7a
a163fe4dc7724ee740dfb87995faedab8b21dc8435eccf0ecfbbb7a280bb523f
a2d25b608653dc29b0da6c65528e64eda62c84a6170680820574860f86efa9ff
a34a23c5eab1f788c46ca50f76f20946256ef9328e70c3e4ce6c2b510301b47a
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5ca70b23852468d475609f1e322ac24a6e54d51aba563e3747bdcad571b5214
a5e766a3204310c8a5c0e52673917b0781b961af960bd7e0ab4a81aed51f19d6
a6cc0e634ff9de2380df146c779d3b75734185be36273ff647f7b93476ab3e0c
a8d3848c674fc28e09551c62fb392077675c7a489efa3e7487ab2671be990ba2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aba50dbb89f91c68e3ffa2aaa0bab7f641fcf4bf01217342909ee9d7ab35513c
ac27892d40bf5feee39618fddc9b7511c04727d7c3c35b75456a7c338bbbc836
b036af4bf83bdf1f13df4ef3560a2f4e27201f42feb54c73f336a7a40825a8ba
b0db2fe17828ac77ead4c507e5b2b934a86ce3017cc580284f8f69025647ca33
b28ab2c5403fdae81afffe216eb17c3fddd4a95469fb89252e86b264aa84bc6f
b4dff73f41e2b5acbb6d93c24ef4a297eda32157a28479d2262d45e6d6696efb
b65ccf52ad521bcb2f74c9102405cc71ad591859465fb2a35c10b54cb04c122e
b6a39eb42f1072d40abde1c3ece7cb0bb0c0280c1d18e2be7c6bcb2cae0a1379
ba24f9ef72f1973e4b0b7b2a2302836376fe6e2f533eaee680ee711d835827d9
bf8ef0848e3bba3d609b9c5a242a078113df8e67f88a62151dd9d820b57a44bd
c25ae0cf142c425406fa62216262cc6625199720ce77d944fdd324d489c15962
c3712c2a04e32cd8c85c91000ef29b654aea04a5a4bf65cab83994187d3089fe
c8c0d4bfc774ebaeb3703274af3e6441b5c9c8a8fd4206856ae1ea9dd4ee3185
ca677a7c36fd7e5c758a46f9a1056e44f504ab5cd148be5a9a55876d10cfbf22
cdc27354a477c69df80b39f0a39d8154fb498124c6dc04c60a9b2d12c22bed8b
d0287da7bea7ef2d0de7c574a12bdf238b39668756182a19e3a54e093f4eb971
d0b418d8943c8b39baa7776b86f35c391a3ecaf1c9bfb4166a93524ada793977
d2ba3557b7be57c8926a8cd0aafba6a9ddb66500b58bc9dc6ca90dc7ec424660
d389189262517931a140ab8ba346893648ede6279b3fe68b81d4c8228223dc62
d43b94d3d3c6f9de2521534cd141d5c8bbe90f0b3a90098048d4b84fd2c6bc5e
d5e0367bc3ddc54ddc6f477da409b06c7da0b6185c6474e5269075e7bf2b02ab
d6c3175eb0b77ba29030a56de980cc087386e8de6aae93b6160624a6017b3e7b
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
d9c99f48f22e8936f99ac443a58e18a62a298c96c2c1e444f696a96d28e3b8e6
ddaa0d56dce98193fe2285b70031f50fdc434a891d2def9bd3c51820835933c3
de37d32d58fd51ea5feeaf2f51c0a9809f8f0425be4cafd77161d7778d441d70
deda218066b005f45720158a559b8a2dae3556ad053a73756503572b1781c49a
e329ea9d7d0feccd6ad36f5c8b0e9f230fb85fc89b91c528d7f85adc721ad03d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48311007ac597c41f8014c615ae4a0c03df395b7c8e06ec42be746d4a266b36
e5c394f5a36f2b80ce984f6290e29e10d9ec991845605bc2c0ef72cfddc16242
e5dc92c52c76a37e1752ee6cc47888aa96d26ffcd48a7520d8a812e16fe9f561
e824e6c62c97a065b54001e0a17705aac457e327cbb8abefb1d84122d2078621
e8d1740eaaae86773ecedc69b2b61897d90ceb72f80ad2fee1c199619dbbd3cc
eb0f3b12ae737fc2674f41ba916d92df49c685b5b11c0a7c1daf14e53306edc4
eb21bdeb7f1199cb532f98b6fa229dadc40131e48be14cc1ca8451ad25ebaa15
ebff3dfe531f093ceeabc073a5cfae54d4860921bd629fdd82aebab116bd324f
ecedb0a23bcdd91ed68c4e23a376e871c7f806be75859bd6aef71014433fd262
edf35738cf4434e3e7550e76040b49e206fc3d66d44e71440261aec405629e88
ee3ee0929b27eacb109c7a997097ecc867afdda3513636e66d611ad295070cd3
eed42b2d6283dcc182af11b0ca71d180620bd3700c32be4b6f7ff403e049b084
f0c4e3929cc6420481eb8e4b9d0c1832f606f9df371c8d7ea66f5287086cdf3f
f1c732abc1f4fbe853b5a6aeeaa0528d1fd13c329b34947ffd6f60712d2bb4d7
f281eb487a354c1f67d5d2ac492146ad9c11db8049ad935139f7a00c02d56632
f3a88a23e00f6f1f4898e868878a91c2efeddd4775b982735186c32ab64361ac
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f643d6fe7e679f9de3e16311600c5ef5cd6b098f7a3a8828fcc29255d2b33e62
f906e028002f0907dd56c42c1773417d1c5fca7c470484b0af022db44670beea
fa4ff57362031b65d706ac778e19f07689b6cf3461bda1e20374729c683e14d1
fb0367bfafa5b09ed5c6fe180ff19bb4138027ad50b3b6b48105bc5a51cd4121
fc5e9c92edb5fd07305c5ae51c4e51f2117d4f5d1f8c9a5ded67d9b7aa1fa7b0
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe68a0ea7c244d4c7eb8718785534c597594e1780062f56e8afbec5f3b0d1db3
ff3d6188fbc7665888469bb910c3be8d878ded3c208d1e77f39228abfa94ae79

garansitombak.cfd Open in urlscan Pro 2606:4700:3034::6815:5449 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

100 %HTTPS

27 %IPv6

13 Domains

16 Subdomains

15 IPs

4 Countries

35629 kBTransfer

36860 kBSize

5 Cookies

13 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

garansitombak.cfd Open in urlscan Pro
2606:4700:3034::6815:5449 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

100 %
HTTPS

27 %
IPv6

13
Domains

16
Subdomains

15
IPs

4
Countries

35629 kB
Transfer

36860 kB
Size

5
Cookies

170 HTTP transactions
0 data transactions