www.totonesia1.cfd Open in urlscan Pro
2606:4700:3033::6815:2df Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://totonesia1.cfd/
Effective URL:
https://www.totonesia1.cfd/
Submission: On March 29 via manual (March 29th 2024, 6:03:55 am UTC) from SG — Scanned from SG

Summary HTTP 144 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 144 HTTP transactions. The main IP is 2606:4700:3033::6815:2df, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.totonesia1.cfd.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.

This is the only time www.totonesia1.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3033::6815:2df	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c0f::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2404:6800:400... 2404:6800:4003:c0f::61	15169 (GOOGLE) (GOOGLE)
27	172.67.38.66 172.67.38.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30	172.67.129.192 172.67.129.192	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.64.129.7 172.64.129.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c0f::71	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c1c::9a	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c0f::5e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1c::5e	15169 (GOOGLE) (GOOGLE)
24	64.233.170.100 64.233.170.100	15169 (GOOGLE) (GOOGLE)
11	74.125.200.155 74.125.200.155	15169 (GOOGLE) (GOOGLE)
11	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
10	172.67.182.205 172.67.182.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
144	16

4 2606:4700:3033::6815:2df (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

totonesia1.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.totonesia1.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4003:c0f::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.67.38.66 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.67.129.192 (United States)

ASN13335 (CLOUDFLARENET, US)

www.totonesia1.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.129.7 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::71 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c1c::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c0f::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1c::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 64.233.170.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f100.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.10.94 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.67.182.205 (United States)

ASN13335 (CLOUDFLARENET, US)

ttn.suksesbersama.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	totonesia1.cfd 1 redirects totonesia1.cfd www.totonesia1.cfd	1 MB
27	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9945 va.tawk.to — Cisco Umbrella Rank: 9477	233 KB
26	google.com analytics.google.com — Cisco Umbrella Rank: 148	709 B
13	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12949	1 KB
13	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 91	488 B
13	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	1 MB
10	suksesbersama.xyz ttn.suksesbersama.xyz	769 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1738 ka-f.fontawesome.com — Cisco Umbrella Rank: 4238	189 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	41 KB
1	gstatic.com fonts.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	900 B
144	11

	Domain	Requested by
33	www.totonesia1.cfd	www.totonesia1.cfd
26	analytics.google.com	www.googletagmanager.com
22	embed.tawk.to	www.totonesia1.cfd embed.tawk.to
13	www.google.com.sg
13	stats.g.doubleclick.net	www.googletagmanager.com
13	www.googletagmanager.com	www.totonesia1.cfd www.googletagmanager.com
10	ttn.suksesbersama.xyz
5	va.tawk.to	embed.tawk.to
5	ka-f.fontawesome.com	kit.fontawesome.com
1	cdn.jsdelivr.net	embed.tawk.to
1	fonts.gstatic.com	fonts.googleapis.com
1	kit.fontawesome.com	www.totonesia1.cfd
1	fonts.googleapis.com	www.totonesia1.cfd
1	totonesia1.cfd	1 redirects
144	14

This site contains links to these domains. Also see Links.

Domain
wa.me
t.me
www.kylottery.com
www.txlottery.org
www.flalottery.com
www.molottery.com
www.valottery.com
www.eloterie.ma
www.keno.de
nylottery.ny.gov
www.wral.com
www.oregonlottery.org
www.wvlottery.com
tnlottery.com
www.youtube.com
michiganlotterynumbers.com
www.delottery.com
www.wsbtv.com
www.magnumcambodia.com
mylotto.co.nz
www.totomacaupools.asia
sydneypoolstoday.com
www.chinapools.asia
www.singaporepools.com.sg
barbados-lottery.com
www.taiwan-lotto.com
www.tnlottery.com
hongkongpools.com
gamepasti.com
bit.ly
www.totonesia6.com
apktotonesia.fun
tawk.to

Subject Issuer	Validity	Valid
totonesia1.cfd GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
tawk.to GTS CA 1P5	`2024-03-28` - `2024-06-26`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
suksesbersama.xyz E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.totonesia1.cfd/
Frame ID: 9BBB490B5FEF6402AD5250DFF9ABF3AA
Requests: 136 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/660147be42c/css/min-widget.css
Frame ID: 929B77A8FCEB6297422B6AA0F836876B
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/660147be42c/css/bubble-widget.css
Frame ID: 5707DFDD806F8579BF4598D826A2E03C
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/660147be42c/css/message-preview.css
Frame ID: F0DC0A74ED4A338F71EA45CE6F059A3E
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/660147be42c/css/max-widget.css
Frame ID: 614318C61BC5B66EC20E3E2F192E1321
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOTONESIA : SITUS GAME ONLINE TERPERCAYA 2024

Page URL History Show full URLs

http://totonesia1.cfd/ HTTP 307
https://totonesia1.cfd/ HTTP 301
https://www.totonesia1.cfd/ Page URL

Detected technologies

Meteor (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+__meteor-css__

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

144
Requests

100 %
HTTPS

56 %
IPv6

11
Domains

14
Subdomains

16
IPs

2
Countries

3797 kB
Transfer

9611 kB
Size

17
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/6282310154397
Title: 6282310154397

Search URL Search Domain Scan URL

URL: https://t.me/totonesia
Title: totonesia

Search URL Search Domain Scan URL

URL: https://www.kylottery.com/apps/draw_games/pick4/index.html
Title: KENTUCKY MIDDAY

Search URL Search Domain Scan URL

URL: https://www.txlottery.org/export/sites/lottery/Games/Daily_4/index.html
Title: TEXAS DAY (SENIN OFF)

Search URL Search Domain Scan URL

URL: http://www.flalottery.com/pick4.do
Title: FLORIDA MIDDAY

Search URL Search Domain Scan URL

URL: http://www.molottery.com/pick4/pick4.jsp
Title: MISSOURI MIDDAY

Search URL Search Domain Scan URL

URL: https://www.valottery.com/data/draw-games/pick4
Title: VIRGINIA DAY

Search URL Search Domain Scan URL

URL: https://www.eloterie.ma/resultats/-/lottery-results/view/quatro
Title: MOROCCO QUATRO 4

Search URL Search Domain Scan URL

URL: https://www.keno.de/
Title: GERMANY PLUS5

Search URL Search Domain Scan URL

URL: https://nylottery.ny.gov/draw-game?game=win4
Title: NEW YORK MIDDAY

Search URL Search Domain Scan URL

URL: https://www.wral.com/daytime-pick-3-and-pick-4-streaming/2570000/
Title: NORTH CAROLINA DAY

Search URL Search Domain Scan URL

URL: https://www.oregonlottery.org/pick-4/winning-numbers/
Title: OREGON 1

Search URL Search Domain Scan URL

URL: http://www.wvlottery.com/draw-games/daily-4/
Title: WEST VIRGINIA (SENIN OFF)

Search URL Search Domain Scan URL

URL: https://tnlottery.com/winning-numbers/cash4/
Title: TENNESSE EVENING

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/OHdailydraws/videos
Title: OHIO EVENING

Search URL Search Domain Scan URL

URL: https://michiganlotterynumbers.com/daily-4
Title: MICHIGAN EVENING

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/mdlottery/videos
Title: MARYLAND EVENING

Search URL Search Domain Scan URL

URL: https://www.delottery.com/Drawing-Games/Play-4
Title: DELAWARE NIGHT

Search URL Search Domain Scan URL

URL: https://www.wral.com/evening-pick-3-pick-4-and-cash-5/1075494/
Title: NORTH CAROLINA EVENING

Search URL Search Domain Scan URL

URL: https://www.wsbtv.com/lottery/
Title: GEORGIA NIGHT

Search URL Search Domain Scan URL

URL: http://www.magnumcambodia.com/
Title: MAGNUM CAMBODIA

Search URL Search Domain Scan URL

URL: https://mylotto.co.nz/results/bullseye
Title: BULLSEYE

Search URL Search Domain Scan URL

URL: https://www.totomacaupools.asia/result.php
Title: MACAU 1

Search URL Search Domain Scan URL

URL: https://sydneypoolstoday.com/
Title: SYDNEY

Search URL Search Domain Scan URL

URL: http://www.chinapools.asia/
Title: CHINA

Search URL Search Domain Scan URL

URL: http://www.singaporepools.com.sg/
Title: SINGAPORE (SELASA & JUMAT OFF)

Search URL Search Domain Scan URL

URL: https://barbados-lottery.com/
Title: BARBADOS MORNING

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/PTVPhilippines/videos
Title: PCSO (MINGGU OFF)

Search URL Search Domain Scan URL

URL: http://www.taiwan-lotto.com/
Title: TAIWAN

Search URL Search Domain Scan URL

URL: https://www.tnlottery.com/winning-numbers/cash4?ch3Showall=y
Title: TENNESSE MORNING (MINGGU OFF)

Search URL Search Domain Scan URL

URL: http://hongkongpools.com/
Title: HONGKONG

Search URL Search Domain Scan URL

URL: https://www.singaporepools.com.sg/en/product/Pages/4d_results.aspx
Title: SINGAPORE P123 (RABU, SABTU,MINGGU)

Search URL Search Domain Scan URL

URL: http://wa.me/6282310154397
Title: 0823 1015 4397

Search URL Search Domain Scan URL

URL: https://gamepasti.com/
Title: GAMEPASTI.COM

Search URL Search Domain Scan URL

URL: https://bit.ly/situsluar
Title: BIT.LY/SITUSLUAR

Search URL Search Domain Scan URL

URL: https://www.totonesia6.com/
Title: TOTONESIA

Search URL Search Domain Scan URL

URL: https://apktotonesia.fun/

Search URL Search Domain Scan URL

URL: https://bit.ly/prediksi-ttn

Search URL Search Domain Scan URL

URL: https://bit.ly/rtp-ttn

Search URL Search Domain Scan URL

URL: https://bit.ly/wa-ttn

Search URL Search Domain Scan URL

URL: https://tawk.to/chat/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://totonesia1.cfd/ HTTP 307
https://totonesia1.cfd/ HTTP 301
https://www.totonesia1.cfd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

144 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.totonesia1.cfd/
Redirect Chain

http://totonesia1.cfd/
https://totonesia1.cfd/
https://www.totonesia1.cfd/

7 KB
3 KB

252ms
223ms

Document
text/html

2606:4700:3033::6815:2df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e5bdba1829dd6ef929e28f88bb66cbfed90f10d4c293b48ff76502dd253552

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86bda8981ad25f41-SIN
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 29 Mar 2024 06:03:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfCS2KRqf5H4pqHsRCNr%2Fy%2B5wihnO7xS%2FediwQHjuZmznkepXCr%2BhyYBurv0XGFkOBCW%2FHlI1ez9%2FEG%2FtBvjQe%2Bb4Ku%2FZ9SFiNk8JKf3vasl%2FEAy4lScFC7ROhw6qWFpKT48vJH1WjiCtXdyULpgTec%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 86bda897da925f41-SIN
date: Fri, 29 Mar 2024 06:03:45 GMT
expires: Fri, 29 Mar 2024 07:03:45 GMT
location: https://www.totonesia1.cfd/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hcol6LWJ55etSTq1DR9v%2FSfa0opKFU9lfidrADmyE2vhuEwvWYXTXv6bRoXzqBSsBoa6rOGvbV3YN7q10Kv6TX03FFDFR7xAQ5S%2FtJAa4SiIRIiHXvp1Db%2BWTCctdYKTtCcPFi4ObmvKCzBJOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 4390c63567ab1522f4c7013b18181f586ee3e054.css
www.totonesia1.cfd/ 144 KB
27 KB 30ms
25ms Stylesheet
text/css 2606:4700:3033::6815:2df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/4390c63567ab1522f4c7013b18181f586ee3e054.css?meteor_css_resource=true
Requested by: Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33be661e2d335046642b1194ea6d6877e789b3a21fba9f46382cb02020da6d3e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1503493
etag: W/"4390c63567ab1522f4c7013b18181f586ee3e054"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7181dT89d2iSW9X5DreZDGZcYieUD1y99ik6XLOgkoDbdFj9%2FrjCcageF6iw5Q%2FlaXVmE%2BIWwLC1cIqTGv3RFnTrm3fG72nbmHNWxGAN0DeR8d%2F7fRKNoOsP03rHQnCux1pe3sQ3qaN0DzAS4OMk9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86bda8999be45f41-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
900 B 48ms
11ms Stylesheet
text/css 2404:6800:4003:c0f::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;1,100&display=swap

Requested by

Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

246894ad83365e8033cf2e6d39a8c140f03af24bc94f6ff0e5ac944b003bf849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Mar 2024 06:03:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 06:03:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Mar 2024 06:03:45 GMT

GET
H2 200 5d2f080796.js Show response
kit.fontawesome.com/ 12 KB
5 KB 434ms
275ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/5d2f080796.js
Requested by: Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ef7672ca46b7742d7977c7b079572ef699b907c4aeae9c396d57fecfe7005ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 86bda89aea21401e-SIN
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F8EmKMh6QIdLCyvbg3Xh

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
99 KB 181ms
22ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Requested by

Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fb53e33cf2efffb0bcf67ca7212dd12a9730bdf48ae7d3af4299d88df067bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100806
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:45 GMT

GET
H2 200 d95b273670c2cfd7bd4f30a35408e1093e6d7701.js Show response
www.totonesia1.cfd/ 2 MB
491 KB 39ms
36ms Script
application/javascript 2606:4700:3033::6815:2df
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/d95b273670c2cfd7bd4f30a35408e1093e6d7701.js?meteor_js_resource=true
Requested by: Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2df , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d95ae0bbfe71d557544040ade1602482277a9d859f59693a0e1c84149e0ebbd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1513124
etag: W/"d95b273670c2cfd7bd4f30a35408e1093e6d7701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rrBX%2B%2FVt%2BLuv1hwzoadxFH%2Ffvekg2tkSfS5hVDRsJBCcWl8aqOxflmEOn8z9PycUB6PLxq8GXsxg6p1rePQpFqCiurxSU9IqIy5urCgMu2sWUIeEgtTxZJCAemvar4zofHKY7wkWdLaHLmahS7VZlPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 86bda8999be95f41-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 1f9h85nqk Show response
embed.tawk.to/60ddd3ad65b7290ac638e9ff/ 2 KB
915 B 173ms
17ms Script
application/x-javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Requested by

Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88de73894aeee4a15c705516790ca6cb7e5634799645bec81aab920047a9fd91

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:45 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
server: cloudflare
age: 7046
etag: W/"stable-v4-660147be42c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 86bda89aec654810-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 id.json Show response
www.totonesia1.cfd/tap-i18n/ 588 B
759 B 204ms
203ms XHR
text/html 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/tap-i18n/id.json
Requested by: Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/d95b273670c2cfd7bd4f30a35408e1093e6d7701.js?meteor_js_resource=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3488619ebc4cd91220a7094e48c99e38a660bda7187721082dcb7d7b7b076dc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.totonesia1.cfd/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4r0w88DNg6AZrH7jUYskc2lC%2FTQlz22MLDzQ3smEJo6A%2F1kDXAkpo7ckCfCbn72jmpoIxxkcxDqRLk6xFkWYHBuO%2F%2F3LaFOkP%2BGcX%2B16mTBToys3fTyk%2FEF%2FvqjhA94qF9aIRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 86bda89baf5c3f4f-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 info Show response
www.totonesia1.cfd/sockjs/ 79 B
542 B 107ms
107ms XHR
application/json 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/sockjs/info?cb=wfq5365hxf
Requested by: Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/d95b273670c2cfd7bd4f30a35408e1093e6d7701.js?meteor_js_resource=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95778d8b7b295c3a8478a37581a5eb84dc6b896a0a844c6e7a0504eaed0fc7c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kwsR62xOqUQo%2Fy1G16p549P23x%2BFfJ4e79X1a0dtaSE%2FCZK2wZlGHAdOnrWt9Kyvjwtmcm2za7Y4xYg5kW0ZeAI65cd%2BmMSob4LWJZ5MNEbB1ERpuUhZpN7TYvcEhom89D24LSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, no-transform, must-revalidate, max-age=0
cf-ray: 86bda89cf8693f4f-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 101 KB
23 KB 63ms
35ms Fetch
text/css 172.64.129.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=5d2f080796
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5d2f080796.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
via: 1.1 3b9e83f086ccaf555831389882e5f732.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
age: 615476
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BNeNNTYR3gOIKR1f2DINqrn%2B3y24dSCVy0NRGQQvzbVXyNR8uuERfPvjakfG57b0rQWGRfbwqvj5aOL%2BeyrnVumaAOu%2Bv%2B3r%2BYzacGuKY3gkB%2Ff2YzLD1jRZcUxKXR0%2BDMbiR2Q%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 86bda89d3e715f69-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: UY0RJoJGfQCPgb2fi44B1rd3BW-yC88ichBpkcd_uR25CXVdJ2D6LQ==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 27 KB
5 KB 52ms
24ms Fetch
text/css 172.64.129.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=5d2f080796
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5d2f080796.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
via: 1.1 92e43f5e08d92192931cf833ba935f62.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
age: 589718
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vog%2F1BRavibaUKOSupTEJRa1AEHIFayIsKdk5Ef5J%2BIciQeXQ63vdkxVCBLMW57D9iz%2BJ%2FUcvMtKMp3YnbpGsn2TzekPYOsA0IIPvgIx3FZvWSSkCUOFdmCPoXxcxi1C9NsEI4GCQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 86bda89d3e6f5f69-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: tgNiCa78qC-fz0ALddot5DaSF6iR1JOaX6vfuD_jTj8V1W74LGsPgg==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 823 B
994 B 53ms
26ms Fetch
text/css 172.64.129.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=5d2f080796
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5d2f080796.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
via: 1.1 6bba44d47d881e087bd912149e58e0ca.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
age: 1515130
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9UnTnWwxtng7x36wmHe7PyMy8Uw0JtpPeuYzlvIVYU09YlYIUbr3whFO5kuwQZbKL%2FbGg4LJT2rJ5evdK9rHyZjQXyLpa7Udo3au%2BwzY%2BOCwbmuZz9TOOkfwdMLPYFvTyxMqW%2BO%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 86bda89d3e6c5f69-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YDZlMRiojiD6qQN_W1MBInqzAd09l18cXNEZlubcOp3xhCGfj2k43w==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 2 KB
1 KB 52ms
25ms Fetch
text/css 172.64.129.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=5d2f080796
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/5d2f080796.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
via: 1.1 8ce76489c7909497c0789fb02f3e45ee.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
age: 1503490
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufv75bWVHg%2BY%2FG1Sryx6E7%2BbgCEmAghJeDhBkWEgSwHnLr4WOqw%2BJ3PsQ70q2jBRZtz9CN2xG71feNrgZXjtUR%2B4jNLDPcOW5hKRqABTbufUc%2FXR1Kp6X9XVa64B%2Fh99rq%2Ftt9G%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 86bda89d3e6d5f69-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: KJyGvz7yNivn9IE3LSTtaQgtZ5p9FftA77pjRHrABRBfRDtQSuOrkQ==

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 121 B
348 B 19ms
18ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 246628
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda89d1e794810-SIN

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 81 KB
29 KB 21ms
18ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 246628
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda89d1e7c4810-SIN

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 212 KB
62 KB 30ms
29ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 246628
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"1c73b4eb89bbe24ecf154b671ddbcafc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda89d1e7e4810-SIN

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 220 KB
44 KB 37ms
36ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15e017480222304b17c045ad9a3f90c5f89368e1a8af6f9bab2aed5574a064cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 246628
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"a373297f15593def36f1d617b92f16bb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda89d1e7f4810-SIN

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 2 KB
1 KB 18ms
17ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97beb2038b528ea5e5168581234557b8a159a5dcc8f4bf62e70751867bec7a76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 246628
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"e9c5c0178774789dfa4f5afb011600fd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda89d1e804810-SIN

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 151 B
372 B 15ms
14ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60ddd3ad65b7290ac638e9ff/1f9h85nqk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 246628
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda89d1e814810-SIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
100 KB 93ms
81ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LH4W4THG83&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a44bb2201ebef1e358dc644a8d876ec52e27629253ed9c1b8bd09bcfe9d2b9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 43ms
31ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JGTZ8V6H61&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2cefdac4e086c2f4853aa1b5e7f57e4a7716ea1d846aba4a3c134fc35b97b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 36ms
25ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZZDH0S9F4C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8209a6afff99cc7c95515093b180dc71de478f829b1c8faf443dbf904a8f5db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 104ms
93ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QF69KEJ9DS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

870ca73c28b66e99c0124e1a8569128809a948c1a5c799f1c7c87d90c526d9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 95ms
85ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5VH76118PX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3838f94b473c4bae3ee25bf32dfca43666df9083e9efcf73307d62cbf019d68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101931
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 120ms
109ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TLQ113LLQ1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dc5b09459c4a2168ef2e4eeb84d73a78f49d9cb63236656ac5b8bb86445bbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 70ms
60ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0H65Y292VE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e2776a3f8d13e94909378d908ee3a8964de68ebad72bbd525f67cf331376309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 62ms
52ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BEBCJEYNCQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31d21898ede7cb1471c88db62a9cd4f53c960d05251944a5fea532725dc42df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101843
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 183ms
175ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TBXS3Q9T1W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

136ab1f5b8a754fd49776d1480dc25c21eec614961ceffcccd8731e54dd4c63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 54ms
45ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NV886QV9R6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d32d610f7b283b1882efc35ee89e4c27eddd9d868046313a61550f5ad928fd2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 153ms
146ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BJSJ9D5YCT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62a9f80b187e5f104453fa153e4a5c561dd5cd075150b083c59b5c47f7b79306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101964
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 203ms
196ms Script
application/javascript 2404:6800:4003:c0f::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7SC1Z52620&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68ed4dd0f34e035fffd95720051fb451a24990dfd2db58ab61159e6cbe685ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101833
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Mar 2024 06:03:46 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
247 B 52ms
13ms Ping
text/plain 2404:6800:4003:c0f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LJ6E47MLCV&gtm=45je43r0v882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=926
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
247 B 59ms
17ms Ping
text/plain 2404:6800:4003:c1c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LJ6E47MLCV&cid=569908336.1711692226&gtm=45je43r0v882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 57ms
16ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LJ6E47MLCV&cid=569908336.1711692226&gtm=45je43r0v882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=838550452

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.png
www.totonesia1.cfd/images/ 66 KB
66 KB 385ms
385ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c3d8a0ad008e34117c40f22a38aa59daa186cd7ca8cf7bf2191d602a0a0301

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "834a0a00cc21558cf721afbf5967ffd5837ad28f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bQ28oLD39kE0nQAumrVia9s9EwPty5Qk0Y4N%2FkN54p%2Fs03DEP%2BAWMr%2BB%2Bzomt7rKoJ3C9Nn346mTgSo9qoJRpv4r6Ebz5qHAIp0MLqBmPUCNwYpDU7iRA5gwvdO2363jCUOyPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda89df9103f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 67423

GET
H3 200 loading.gif
www.totonesia1.cfd/icons/ 1 KB
2 KB 205ms
204ms Image
image/gif 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/icons/loading.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f578841271e49a72efc7e9281a47907aac4269038f674162955b82b8ca174d3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "40034356148834c6233a20cf6e6dfe92aba50c1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRAfqyWPDyzr6AGTy5UFTAiB6tXfMFwURrfr9b2MpRs4b7SDpkeaTG6cB3tX6UEBPi86eKpshpGDxQAngaZZtq2zHw2yqXFBZzIR5GrlHvcAlItZeem3cGq9W5Qlu40yEwveWl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda89df9133f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 1108

GET
H3 200 icon_lottery_on.png
www.totonesia1.cfd/images/ 75 KB
76 KB 403ms
403ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icon_lottery_on.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0899b23dac99e10e2e4f46ad8ee1b2509ac0ad5f7c442ee6746db6afed921f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6e1f7000fdbd30b92e660767842bc18b3e95238c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BA4u35zCLJE%2Fe35AKgfolSznBAB7Gis2d%2FsdU9N30UMR7R3WSr8%2Bn616fgjKuAZE5Zr72kGwVfuZZj2Hb5ssEmPc7nnpYcLv%2FUNB8JSLAJVhIVemPJ50Rq27%2Fi6xUpn1j8OMSDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda89df9153f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 77185

GET
H3 200 icon_slots.png
www.totonesia1.cfd/images/ 16 KB
16 KB 316ms
315ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icon_slots.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94363dc3049b3e6f58c7582fd050438b990bd2a98f8929f8da18124821fa9ed0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1622c99aec5e0571a7e09a85f871bf1d328b48c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXTQT6N0TVVaYGsVIFeQm4PWNJl3XARPdiFI%2BCQxwfX9SuCrjZvg%2F%2Ftp%2Fl69x1z3vYS%2FEY3EXmCWOP7Uypa1uT3GU6mUCKt%2FO5tMpVMkgIgrNqXNJ6pIL7USTha48dnpw8z3H7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda89df9163f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 16199

GET
H3 200 icon_casino.png
www.totonesia1.cfd/images/ 22 KB
22 KB 307ms
306ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icon_casino.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb94ff450149e7c47fce75f945ba83f4bea2eaa3c2b70d802945e118508928de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f4193fa39edc5ec55968da2c5cf72ed1c12c9121"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oWJed3AVx7jG%2F4gXto%2BVrXdzCaLcK1NHBrOCwADN9fJutYml7WYHXYwnObRIslKFlyB9KpRmTNeSYmRGLmNP6E07uF20h7wTp2GTvAsDnAQTnbyfI7aRYFHYg9riLrIzykae2Xk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda89df9193f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 22318

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 65ms
28ms Font
font/woff2 2404:6800:4003:c1c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;1,100&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 23 Mar 2024 00:01:20 GMT
x-content-type-options: nosniff
age: 540146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Mar 2025 00:01:20 GMT

GET
H3 200 fontawesome-webfont.woff2
www.totonesia1.cfd/packages/fortawesome_fontawesome/upstream/fonts/ 75 KB
76 KB 389ms
388ms Font
application/font-woff2 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/packages/fortawesome_fontawesome/upstream/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.totonesia1.cfd
URL: https://www.totonesia1.cfd/4390c63567ab1522f4c7013b18181f586ee3e054.css?meteor_css_resource=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/4390c63567ab1522f4c7013b18181f586ee3e054.css?meteor_css_resource=true
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a34ffd10b2a49d55d6247e351520ffdf556e0bb1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WUMGd2zVrX2DPRj6z4%2Fo9oVnBGJWH%2F16l2AkpYf%2B4%2FU%2F6Ku6rFUAfb5L4ga9qaqpNnmHooX5XWWO%2B62CL4IQZDx%2FJUIOYHEEG9Yz%2BzcIPRqbEFLljssvs1rnR4yuEDL2hRay22s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda89e09203f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 77160

GET
H3 200 favicon.ico
www.totonesia1.cfd/images/ 264 KB
10 KB 236ms
235ms Other
image/x-icon 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.totonesia1.cfd/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02735c005820a28881beaf88a8ac088c03f66f67fde5baf94b1142d93080d76f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6cd32750ba6bbadbbdfe8f6e2913676852bc0e92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOzD0f8thLnivLRyLHOl3KdHxWiHKdjv4tSRr8987SK2AA0jpQZSQWG%2BbXe51qvIv5%2FEjNk6M75RO%2B%2BFP1Y4AHOLzQ1y0rtUe%2FddscZ9GPT00xMR58Lh5onCPEb8XMLZro6I2iY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 86bda89eb99f3f4f-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/ 153 KB
154 KB 14ms
13ms Font
font/woff2 172.64.129.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-solid-900.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.129.7 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
via: 1.1 69ce12cd28f192f5e142ba57e5fe0b80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: SIN2-P4
age: 1510795
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 156504
last-modified: Thu, 30 Nov 2023 17:53:29 GMT
server: cloudflare
etag: "98ff5c340b38803d09d3f22fd9a00501"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EuLezgglkl4k2ZfKoteiLu%2F9lQTs1rPt0lz1JPuFrQ7KRkb8Hff%2FVhVqi9ExiWPybMDqzXLPGF81Cvqggj%2BRBDyoEmZmZxkoHUemIHKjHZq8w2F7nUM2Fb%2BfLhpjgXqf3qU7inx%2Fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 86bda89f68955f69-SIN
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 4sU9NbTH0vIwA8WAeD7YeMAjyKqJgqvzaEl0T363dDzSHT9VfE3P0g==

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 17ms
15ms Fetch
application/json 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=60ddd3ad65b7290ac638e9ff&widgetId=1f9h85nqk&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3364bf5fb302073d658ea65b05b7980ca081be1041d47ec8a528c82f7e1b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:46 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 925
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-2j35
server: cloudflare
etag: W/"2-243-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 86bda89fd96b4810-SIN
access-control-allow-headers: content-type,x-tawk-token

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 10ms
9ms Ping
text/plain 2404:6800:4003:c0f::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JGTZ8V6H61&gtm=45je43r0v9171333107z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1368
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JGTZ8V6H61&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::71 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 10ms
9ms Ping
text/plain 2404:6800:4003:c1c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JGTZ8V6H61&cid=569908336.1711692226&gtm=45je43r0v9171333107z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JGTZ8V6H61&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1c::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
107 B 18ms
11ms Image
image/gif 2404:6800:4003:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JGTZ8V6H61&cid=569908336.1711692226&gtm=45je43r0v9171333107z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=92498814

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 9ms
8ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZZDH0S9F4C&gtm=45je43r0v9171936010z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1424
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZZDH0S9F4C&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 9ms
9ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZZDH0S9F4C&cid=569908336.1711692226&gtm=45je43r0v9171936010z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZZDH0S9F4C&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 10ms
9ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZZDH0S9F4C&cid=569908336.1711692226&gtm=45je43r0v9171936010z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1758159617

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 6ms
6ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BEBCJEYNCQ&gtm=45je43r0v9173543451z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1487
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BEBCJEYNCQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 6ms
6ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BEBCJEYNCQ&cid=569908336.1711692226&gtm=45je43r0v9173543451z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BEBCJEYNCQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 9ms
8ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BEBCJEYNCQ&cid=569908336.1711692226&gtm=45je43r0v9173543451z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1621091622

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 6ms
6ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TLQ113LLQ1&gtm=45je43r0v9172294656z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1551
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLQ113LLQ1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 7ms
7ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TLQ113LLQ1&cid=569908336.1711692226&gtm=45je43r0v9172294656z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLQ113LLQ1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 9ms
9ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TLQ113LLQ1&cid=569908336.1711692226&gtm=45je43r0v9172294656z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1329366826

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 7ms
6ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NV886QV9R6&gtm=45je43r0v9174261398z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1615
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NV886QV9R6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 5ms
5ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NV886QV9R6&cid=569908336.1711692226&gtm=45je43r0v9174261398z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NV886QV9R6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 9ms
9ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NV886QV9R6&cid=569908336.1711692226&gtm=45je43r0v9174261398z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=800927747

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 29ms
28ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LH4W4THG83&gtm=45je43r0v9171027496z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1658
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH4W4THG83&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 29ms
29ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LH4W4THG83&cid=569908336.1711692226&gtm=45je43r0v9171027496z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH4W4THG83&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 28ms
27ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LH4W4THG83&cid=569908336.1711692226&gtm=45je43r0v9171027496z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1755882661

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 5ms
5ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5VH76118PX&gtm=45je43r0p1v9172114953z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1736
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VH76118PX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 5ms
5ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5VH76118PX&cid=569908336.1711692226&gtm=45je43r0p1v9172114953z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VH76118PX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 9ms
8ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5VH76118PX&cid=569908336.1711692226&gtm=45je43r0p1v9172114953z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=711557811

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 5ms
5ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0H65Y292VE&gtm=45je43r0v9172373758z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1821
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0H65Y292VE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 5ms
5ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0H65Y292VE&cid=569908336.1711692226&gtm=45je43r0v9172373758z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0H65Y292VE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 12ms
11ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0H65Y292VE&cid=569908336.1711692226&gtm=45je43r0v9172373758z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=557960427

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 50ms
49ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BJSJ9D5YCT&gtm=45je43r0v9174388351z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1878
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSJ9D5YCT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 49ms
48ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BJSJ9D5YCT&cid=569908336.1711692226&gtm=45je43r0v9174388351z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSJ9D5YCT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 47ms
46ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BJSJ9D5YCT&cid=569908336.1711692226&gtm=45je43r0v9174388351z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=483044759

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 9ms
9ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QF69KEJ9DS&gtm=45je43r0v9171282256z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=1938
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QF69KEJ9DS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 7ms
6ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QF69KEJ9DS&cid=569908336.1711692226&gtm=45je43r0v9171282256z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QF69KEJ9DS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 17ms
16ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QF69KEJ9DS&cid=569908336.1711692226&gtm=45je43r0v9171282256z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=236812536

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 9ms
9ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TBXS3Q9T1W&gtm=45je43r0v9174081996z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=2250
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBXS3Q9T1W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 10ms
10ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TBXS3Q9T1W&cid=569908336.1711692226&gtm=45je43r0v9174081996z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBXS3Q9T1W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 8ms
8ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TBXS3Q9T1W&cid=569908336.1711692226&gtm=45je43r0v9174081996z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=1873837456

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 6ms
5ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7SC1Z52620&gtm=45je43r0v9174388528z8882350878za200&_p=1711692225587&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=page_view&_fv=1&_ss=1&tfd=2334
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SC1Z52620&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 5ms
5ms Ping
text/plain 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7SC1Z52620&cid=569908336.1711692226&gtm=45je43r0v9174388528z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SC1Z52620&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.sg/ads/ 42 B
63 B 11ms
10ms Image
image/gif 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7SC1Z52620&cid=569908336.1711692226&gtm=45je43r0v9174388528z8882350878za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=651183233

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 322ms
322ms Preflight 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.totonesia1.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.totonesia1.cfd
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86bda8a67f404810-SIN
date: Fri, 29 Mar 2024 06:03:47 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-lddc

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 1282ms
1282ms Fetch
application/json 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd5bbe8e388cdac2afe154990f9015538bdf6c7fc5d878d373a984466d0f653a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.totonesia1.cfd
access-control-allow-credentials: true
cf-ray: 86bda8a8790640c1-SIN
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-3b9s

GET
H3 200 id.js Show response
embed.tawk.to/_s/v4/app/660147be42c/languages/ 16 KB
4 KB 31ms
16ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/languages/id.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0064f5946529b92ba0301f7a2927cf1ca3d925db6eff78b688bc5f28990a8dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:47 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254265
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:14 GMT
server: cloudflare
etag: W/"cb9fdd7bdab1462c01b24d9fd11af46f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8a6cf7a40c1-SIN

GET
H3 200 icon_slots.png
www.totonesia1.cfd/images/ 16 KB
16 KB 205ms
204ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icon_slots.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94363dc3049b3e6f58c7582fd050438b990bd2a98f8929f8da18124821fa9ed0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:47 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1622c99aec5e0571a7e09a85f871bf1d328b48c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PYwyYX29rdSlCFYynZm1%2BAxQlKQWb401pw5QQp73xhwTqGkirvCgaQiuH8mmA37Pi0PKmtuOHXF2jwYU0VHrqo14xfl6KRYm3L6j4ccU%2FO%2B3%2BlXXQ13%2B%2BGLks39%2BYdHpHpv%2F%2Bec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778a43f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 16199

GET
H3 200 icon_casino.png
www.totonesia1.cfd/images/ 22 KB
22 KB 209ms
208ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icon_casino.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb94ff450149e7c47fce75f945ba83f4bea2eaa3c2b70d802945e118508928de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:47 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f4193fa39edc5ec55968da2c5cf72ed1c12c9121"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBEoBcC9nwxxyHC37Nl0oN%2FhKOL03zUo4G9x3AQHPst7mqBTc%2FLswtNYTlYHIuQBTtTtEAdILsJTsNN3ZXahlVoStlLGUOlr3YLHNMlyvl9FlUbrRoiusWFmlfx2Rcan0BcIZQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778a93f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 22318

GET
H3 200 pragmaticplayv3-slots.png
www.totonesia1.cfd/images/ 46 KB
47 KB 411ms
409ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/pragmaticplayv3-slots.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b74e925eff61782241869fcff81df24b34b57200b16a050b95405d8c7e92cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3c4fb018ccbfeb79764bc85df55155777c59f821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nk2kxvIwIeGHQDS6BdUokcysqH2VyCoHdY0WqM%2Bkicv6If4AaYy0FcveJgwe4UERJdPgoUDHk9xxdzlCGYiQwHOgpdUM03%2FgRF12JX%2FYlHHUwI8PHcwa0e8L553pNojTNkMYmR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778ab3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 47556

GET
H3 200 reelkingdom.png
www.totonesia1.cfd/images/ 36 KB
37 KB 303ms
302ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/reelkingdom.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1244c72ec23d69f6bd14f92a26684b79030de0ab4d5e4ee5d4628b787164eeb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f297f56ddf2cee3cc2d0b620bbea70c03b2a46b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r7jXYIHVBxiMrhku1S8KdrXPiDNXeOsOHAQtxxw1uEOpS8K0xdLcCTUJZKPt%2Fz5CiS2lGRXeovN89HklbhGY2EF7W3SUhWx2iJUzw3yLnrcuw6NCcG7nRELSqAljbwOnvRWSPes%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778ac3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 37059

GET
H3 200 joker.png
www.totonesia1.cfd/images/ 69 KB
70 KB 384ms
382ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/joker.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd45048da71271b2da1dfb276a254f793bc7962473c02c4b88538133fb82f8d5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4d9122d663364089217bdb4916ff8901129585c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMnJYIq97xTrXwmbPcTHt2gfUEsJ0HN0%2BMnUo%2BlpjoUp6ENv5Mx0N%2BjCB%2Boe1XmeYHTYm%2Bz%2F3hDxlsx3wUzmddwk4wua3teWNEMSWh3LWJvSA4vBgHatLYAiCvX7gUSE7hm8Rig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778ad3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 70870

GET
H3 200 habanero.png
www.totonesia1.cfd/images/ 90 KB
90 KB 401ms
399ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/habanero.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55a56b01d8c7be22482049288972baac8cdcbef8b76761268b84a921955a2a5a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "965d08e5c049358ff84ff7eb615b54a2323f5c4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZvSiHEt2EswTBUVaPw0%2FXb%2FJ%2Bma8tBAvocFVp4615wUSMVY0DGPx5ZrajQe3S6pgyxWNEwoKYHqn4nf%2Foh7t5BbZPqdzhrAmeE4IRMjGnHK5vbjfLDaIN%2FVBsEqyXbHBqn2xtaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778ae3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 91938

GET
H3 200 queenmaker.png
www.totonesia1.cfd/images/ 72 KB
73 KB 392ms
391ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/queenmaker.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be6b6a43e5cf223825ebe084d26f485fc215aa7c9d9260eb69c37ea74ae5cea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2755184b13e71f3daf08b3277cc5f8a7b95e07aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SaGzlcNJZF6HVtXdD0oElnTPZQotd%2Fx%2Fe%2BeWtM9%2FGd9ebUyU86WJJ%2FeBHmswx4bH%2BnwRGHjmSOxMZJUxsDrZ4Eser0VyO8pzbY1d2F1qCX32IbYJOC5tYGxPp5INsxbmIQuf85w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778af3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 73927

GET
H3 200 pragmaticplayv3-casinos.png
www.totonesia1.cfd/images/ 39 KB
39 KB 293ms
292ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/pragmaticplayv3-casinos.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 042d0c24ee245f6fb521a19c426fc8a4a6b9e38bf38d8260c95ce9da2897b4be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cc47f82cd043d52d15de7500b7c87a0c0e9c9ca1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRJRzMRid%2FeONi4tXee%2FrBa13nQuhvOz72m74dEAFbs1uCb%2B42ay2M%2FmVbX8AoMmErOdyHb6wr95%2FtZtWeFK5cb24N4UpySpPjmyfk7SXInAqeg%2FBbTMn3U1nopp%2FfRxCqGC%2BvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8a778b03f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 39907

GET
H3 200 whatsapp.svg
www.totonesia1.cfd/images/icons/ 3 KB
2 KB 216ms
216ms Image
image/svg+xml 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icons/whatsapp.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5f1766815ca808d6c2b7eddbce76e8cfae175c1bc374e29070d07cfbbe77f52

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8dd219c33ecc95acd2aee8616972cd77f10289c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stcd3xgrH0zeMyfYzTERnv%2BcAdJZCFKte%2BF9hVH2XpVhy1b5Sc5u4CXzc0mjT14zN1kjmEDP9MLBO7j6oncqmTmK0Puu%2BI9gZQdhhLw9mMnb9KJezrxCxQP3KS9NfzM8Rv3Nbok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86bda8ab2bd23f4f-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 telegram.svg
www.totonesia1.cfd/images/icons/ 821 B
908 B 215ms
213ms Image
image/svg+xml 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/icons/telegram.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4862faa99c1c7d4b1a4044d094b8b21bcd07ee0ac70ea96b0f7058fe765853e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4e4a24540e7205bb5983f698dd69feafeee61149"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPtmqrZQTIXZ6oIOFndxKJVjr3%2Fxor1CnKlo7oJ1O%2BNYepFLqPxIRwC0dMT2CRoHgoeHppgyOtramRHkbSZoNTc3TZ7lBfQ%2B5zfAcjOI4jRj%2BEFewG%2FVllDGgEFzClet6xlbQdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 86bda8ab2bd93f4f-SIN
alt-svc: h3=":443"; ma=86400

GET
H3 200 banner-ttn1.webp
ttn.suksesbersama.xyz/banner/ 110 KB
111 KB 189ms
55ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/banner/banner-ttn1.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a31616ec8a3976e036fc2c4a4d05acb6bfeb635199c44ae6f9ceb51212be3086

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Nov 2023 11:07:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5481
etag: "654625f7-1b9da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2F5cpUHzmfSXvMsW5XhvJ9JF3zxNtZUd%2Fi9OAD8jNNa%2BMbyn9JRll%2FC3y3zZKea4rWcekeAwAP7Y2rZi6k8rI89Oq0QiWrjMtwQWzl3D1qcIsm3KiBEXXaVXfM1Aq9%2FWuDN9mitfEuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8abf97a3e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 113114

GET
H3 200 promo-totonesia.webp
ttn.suksesbersama.xyz/banner/ 91 KB
91 KB 180ms
47ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/banner/promo-totonesia.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9541f1cb2abfeadf5c5e508a0ebe9117ebc596878bd3f884d0bbfc7c3cf34804

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Nov 2023 11:07:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6874
etag: "654625f4-16a4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yB2gbZX%2BLR%2FSDoFnGWfB4AGjd2oRgTdsg77IEAChYDymhRJcGJ0b35eINGWDICMRlefquiVpu%2BMDIzEDNmv%2Fj18qKLu0INqfa0BEU0A88gDmbb2BoJpnFkxVap1tklr2gAmNfbkaiHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8abf9793e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 92748

GET
H3 200 hadiah-totonesia.webp
ttn.suksesbersama.xyz/banner/ 117 KB
118 KB 149ms
17ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/banner/hadiah-totonesia.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f00f51babfd76e54441cb558218966d6bea432003d3ac2f862aeb159fd6613

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Nov 2023 11:07:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5481
etag: "654625f6-1d592"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3hVK%2FO%2Fr8I3bLThsDEG9O8359Z3du2zrqPWhz7BlMHw9%2FUy2R%2B4%2BxrPtIq6BPVIgYGoqMfnN74KTR%2BfLVFWoAOF9UCpQg9cXzHn0M0laU1MMih6ZdaURGkkrXDpw517wWL5ltSITaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8abf9753e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 120210

GET
H3 200 banner-ttnvpn.webp
ttn.suksesbersama.xyz/banner/ 56 KB
56 KB 146ms
14ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/banner/banner-ttnvpn.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f2855c77baa1472085a0334e6f3abf6357f77ffa50b0312882f5353b5c756b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Nov 2023 11:07:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6874
etag: "654625f4-de52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BQzPkKOkz6M0lRFiaro3RqOLbIPrstsp8SsZN1nEsvONZDHv3gK9rYWbR%2B6vMmZJtSr6RyTn0BR5odrCuvkhS8VDQnJRy3B6rvRxusAZuyfwufZpTi9kAzxqf6%2F2velAQ%2FnpuTL1k8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8abf9783e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 56914

GET
H3 200 pp-promo1.webp
ttn.suksesbersama.xyz/banner/ 79 KB
79 KB 165ms
35ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/banner/pp-promo1.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f12bd968fc23a6c4bb202c1d8f783c416fb14c64fca90b41cdd6877d16ee3a9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Mar 2024 02:41:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6874
etag: "65f6585b-13b92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwTx9%2FdNqjGWOntP5cuhkFkrfiZWw9zIDYiKaawyy%2F%2BwyQ29DDi7rHjVAbl6fxJ%2Filxcir3sMSoLvZshL3eebTAf7SPzNFs0CCEkM7HN8CXzi6D%2FiEKU%2Ft1cjDFiKrDL1d15g4eI9AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8abf9773e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 80786

GET
H3 200 linkaja.png
www.totonesia1.cfd/images/ 4 KB
4 KB 227ms
224ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/linkaja.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bf4e7e2b09a9f0c8cdf68997f86aab5caf925c42f628ea66affc1d04e7a21f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "31bd3c7c604709a1e00f2d34659604dfabbfbfe9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Erv31B0Y1hAqirI9xQ7ScKnmDrMk17baYLXpmxn736YkAm4XTJFfO0Qj0Lg%2BU465ejzxmvl6wxFq8JiJPGBWodRZ%2B%2FX2Tqgp9aOH2bm1QJ4TVZ4%2B9zNxjXRjIZAnpZBTnfWCSoc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ad9e9d3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3844

GET
H3 200 ovo.png
www.totonesia1.cfd/images/ 2 KB
3 KB 212ms
212ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/ovo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ee5f5422f350bb6e9d0b88197308615cf47f61af119449342ed9be24ad8b3be

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6bb14dd9f6c4d6d0d55a559d15e0b00a40a46b68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qf%2BaUr2HjyVgqP%2FiM0LPbFKWiA192xhiv%2BWttHcgx%2BiWcmmVcvzbuOpkzV6KNRuQDeMrafCbW6yYHP6druNMnlSnhFV32xNjxVOVMPcH4Dtfm%2BEjROBQPVLwRchqjtPc%2BqSsyJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ad9ea53f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 2541

GET
H3 200 dana.png
www.totonesia1.cfd/images/ 2 KB
3 KB 214ms
213ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/dana.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37111a262e25d34daf200a6db5fc0dea56baa790215c965a3746ae82e568d55c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b22514c56ff2a59361920a261a6f1e0d9b6bc2ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4dy0gy9RfCucDVgP9hZ%2BvS4C6C28F6vbEoj987Hw5xvEjCZczt2FoqtlEW%2Btj%2BCMdsCE63gOL4Z29g1P3nxD1VBq8e05rD86XhJkz8OkHPQ4kwYRO4LxwwnnQmK7nFRsBMrhDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ad9ea73f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 2438

GET
H3 200 gopay.png
www.totonesia1.cfd/images/ 3 KB
3 KB 213ms
212ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/gopay.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70b9c35014517bdd4c2b1f094d0fc7dae44ba0fd5fda97911ae8f690ed6db69

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ced26fa24e14448a2258e7b8b7cb72f4c1a10b57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uw9Yxf%2FeWk0tM3tbqMOnhUERuZCuestUZf7tbs9CWhmLjjKiDUR4L%2FO6v0yFy7Lf50UI%2FewVTfSZAY7iEwFKrMOyXxogrsA8YFbBkiif7B77HhV9emdyBMpvVgl9lEskTZtIk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ad9ea83f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 2979

GET
H3 200 telkomsel.png
www.totonesia1.cfd/images/ 3 KB
4 KB 232ms
232ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/telkomsel.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a467d84e08aee79f92f87bbce7546c9f9487cee3108d5df924200cafbcb7898

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2c9c004e6d01d89a426577abd90766cbfaeb76f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IoM%2FeXDttm5mpnNtGf7S5RaSYHzwomzPqzt5jzUkijvtOIH34cb5okjSoqaSOt7eZC%2FtwYKEhnmJ77kLYlwj4qiJgsVX2nf4wbCTmEfUQ%2FgG%2FAdFPAJsjnaHoNnsVAXHgK7fBEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ad9ea93f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3572

GET
H3 200 xl.png
www.totonesia1.cfd/images/ 4 KB
4 KB 211ms
210ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/xl.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad73144d81bb8a6d03ac78735880786fbea89b93632dd0e3d3b2de444cf85034

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "e5d03513064f3c61284941d501d6aba84551b8f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3JTwHc7iYoXAf3mF87hLjBR8WRIn1nn%2Flsn6rW%2FW69BVjQj4RNxSVLCw4%2FUHqQyVW0obvqwVFHnn7v3Kv%2BHetxTBFqRI1UxJq4Fk7FpXO%2BSs349DFiBjTdcNGn5s%2FhIcrchisqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ad9eaa3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 3698

GET
H3 200 apk.webp
ttn.suksesbersama.xyz/image/ 83 KB
84 KB 14ms
14ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/image/apk.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169565dd29d1494d6f2f064c39b9a8adba6fc5bf3af689b515192e98641f71eb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 23:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4658
etag: "657ce034-14ca0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Se0sWcd0s3%2FiHepaqh4aSK6gwOhf0jWuERNbq8vhrOPb%2BWjC2BWBRtHHmGpdGR700%2FyDKIxhTAiqwHhf2k%2BibfYGkt3iQobYvXdLX%2BfMmhM8xK5y5wFe4T54Fpxui%2F2NylwxoAAEU0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2b863e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 85152

GET
H3 200 prediksi.webp
ttn.suksesbersama.xyz/image/ 58 KB
58 KB 23ms
20ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/image/prediksi.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f8ebeaf568fb10d75c95b5776a68b9a90f5a6610ca376ae19c3763577a76f1a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 23:24:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7090
etag: "657ce030-e7ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2vpkWIzQ%2FzRJi6WlT9t%2BirnjNQ8WBRqOiw43lcsvL3HgxGU52DSZH8%2BqduoWZmBvSlbFDFHRS0oN%2Fnt1NdmCn4TWil7ScUopulCrm0mPkMzSF3HYH1jLfhsGOEJU2g0JPQCYN11eVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2b8d3e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 59342

GET
H3 200 rtp.webp
ttn.suksesbersama.xyz/image/ 152 KB
152 KB 27ms
24ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/image/rtp.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47259cea1ad2b7288646f2df92105a2229b8cc97d44c540ad29b37c49b33c7af

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 23:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 252
etag: "657ce033-25f3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUocHZwpcDEzxYop2a%2Btl%2B3FWBynKt1vvcqukxbFTMXMhSY6ryCJMPdMkEQ%2BGtRJzfXUl%2FPeDj7CAEIJLnNXKN5q3oFBuFTDARwno33QAMrkKB9FWRj3KcA8DdVC9fTi4Wv5%2Bhr13aQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2b8e3e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 155454

GET
H3 200 wa.webp
ttn.suksesbersama.xyz/image/ 17 KB
18 KB 46ms
43ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/image/wa.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76278d6ad454ce215d4071b3d0fd0aaceed73feceaacf6f68ff975bb53b63b5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 23:24:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3945
etag: "657ce033-45ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QB5Cw50h5WxfOOcOGuFSbdICrtShUvvmpuegupXb27hi3D3PHQB6%2Fuif8pzMGlrgn4xVdKdbUM6sGG5N0IELgASPl8FMmQyMzPo9UDDpot9FyQNGZ49QM5yt8jM3WVNzNaz%2F4OflGxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2b8f3e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 17902

GET
H3 200 lc.webp
ttn.suksesbersama.xyz/image/ 952 B
1 KB 47ms
44ms Image
image/webp 172.67.182.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ttn.suksesbersama.xyz/image/lc.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bd307cd6364578bada5d731f5e296ec046ecadc65b2797a441cca2bdab990c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:48 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 23:24:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6686
etag: "657ce030-3b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5US1Q1AFcE6V%2BmfdJ3eLpCKTwf6CTKmExkNlVHm5ElWkTO4JSsW9r4D4YgljSFmlBhri0NLiCe6DqdQ%2F5T8J9nCF8jum5FI5185j9qNvO4H3P0HgVou07xQd44wKEAV7Ua1Cp7s3AoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2b903e32-SIN
alt-svc: h3=":443"; ma=86400
content-length: 952

GET
H3 200 bca.png
www.totonesia1.cfd/images/ 8 KB
8 KB 202ms
200ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/bca.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05f5e7ea0654d6cd2d2d25714f92a8a61f924ddb3bef394dff1a16b6e8d9743

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6d39a9799b0f82429ff7b28d58cd97206ae88ce6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVuCAvdhH6MUmcQdnL8rCCBAsA1ApGz2QRuPhXCmdCjJHkk8oSsfnHxPM%2BNoMocazWSPuFTva3YcQVYFglnvqkTRBUZoBomqh3pDSEzhk9%2BgQxPEeGks%2Bd6Fa%2FdtLqUfmm0dUa8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2f373f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 7979

GET
H3 200 bni.png
www.totonesia1.cfd/images/ 7 KB
7 KB 208ms
206ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/bni.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cbf96cf03421e83512d4519e1beae3f6f10598533f97c545b62920ed3c67465

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5ba11cfd6c45c7e87f500f9164a149d2c1fead05"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLYEaaYgBEwSw4sSLY2EP0BQnMvYAlK6RGIBKXANaEsQDSRl%2BtcCZ15sfOSc3jwrd7zO7TRQpPm0GSXFjVj47OY%2FHH7qzNPSmOSDg%2B8qK0FPOJYEEmZYFUtGTBQaPh4R3KMpOJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2f3b3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 6897

GET
H3 200 bri.png
www.totonesia1.cfd/images/ 6 KB
6 KB 206ms
204ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/bri.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91296b2b3c6df709c3ef5351db5f836c4c5ad1d5806c320849528de327ea9a50

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "81764c160be9c24232a0d9a6d87c91c1665c4db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xw6PAeet7OPhgkQWzcCI7DVT0LvtG9pJ1sIq6Lc7Nu0a8xsLE0JynPFin51ufqS2Nv11bQrvj3EGyOwbFs5MDSG%2B6jrIBI0JHi%2BJ45CTZUq%2FaqUse4Vw%2ByF34XbsaHGRZrgtiIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2f3d3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 5687

GET
H3 200 bsi.png
www.totonesia1.cfd/images/ 7 KB
8 KB 215ms
214ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/bsi.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 444ab3012bfbf1a0eaa0ac3d1fc421d00b23dfa135fd0042e7e659f9b872b33e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a03ee856557cd9c7a79deb87b50c4461fedb7308"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pZJcKZP57rdLJ5wwU3acxxsNge9ka7BUSJIn0sOexZCv%2FKQZTsPmt%2FkbPTGr%2BOG8aQBF4%2FWJbtwm4retMCZ9Le2PMSgUQsljKCHLowwktxSG0XbErgrGcwEXrzzLQOMBgamANbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2f3f3f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 7600

GET
H3 200 mandiri.png
www.totonesia1.cfd/images/ 6 KB
7 KB 202ms
200ms Image
image/png 172.67.129.192
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.totonesia1.cfd/images/mandiri.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.129.192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de061be7bea90fdfa6759cd94f7e8f3467c0924627823a1712394cc4e41e4ece

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7acb367c784b320c66a9ac494ba646d5100964ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcMaDzQNWCZP7lYJ9NJMaSrxy6sUvkfIvmeURXbOgU%2F8bSbDwjGybTidlQUWd65s5jwxVNmgrwTzwgpFEv9zGjShKUgr8KCUXNiz0G6q6pR3yIUYR9TMmLIsBsJTM70AVRAIxGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 86bda8ae2f403f4f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 6314

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 10 KB
3 KB 16ms
15ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9dd40c1-SIN

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 18 KB
5 KB 18ms
18ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8d11b1a10bd9d92e8cb5e63a1aa03e1bdeefb6f9779b276bf20283ab1efa827

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"d5197530a4679448ff12bc9937b0db29"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9de40c1-SIN

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 11 KB
4 KB 16ms
15ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba4ed7985fc12fc747b3e907a2d52bc9fcd57ad8c2ae587918bf27ce55dbca2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"0c34fbc5e374fae7ef0aa012de3e42d5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9df40c1-SIN

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 699 B
676 B 17ms
16ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9e340c1-SIN

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 19 KB
6 KB 18ms
17ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4015e979de10b58534ef710b4fd748da5e5d7a0746961dc9c8c5859f0ad26d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"544caba7a546292501c988f1dadb6a95"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9e440c1-SIN

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 906 B
662 B 21ms
21ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9e540c1-SIN

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 535 B
574 B 19ms
19ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254267
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9e640c1-SIN

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/660147be42c/js/ 110 KB
24 KB 21ms
21ms Script
application/javascript 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c564db0ba01aac7703903e3237960e3f3f7179893a0525a265e4c328c0336f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 238860
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"b9fd76db93b5b801d17d401ae2605a66"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b0c9e740c1-SIN

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/660147be42c/css/ Frame 929B 24 KB
5 KB 24ms
24ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254266
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b14a7440c1-SIN

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/660147be42c/css/ Frame 5707 13 KB
3 KB 15ms
14ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254266
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b15abd40c1-SIN

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/660147be42c/css/ Frame F0DC 40 KB
8 KB 17ms
16ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254266
cf-polished: origSize=40905
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"7060c2e317491c949f29253a1286dad2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b18af140c1-SIN

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/660147be42c/css/ Frame 6143 76 KB
15 KB 17ms
16ms Stylesheet
text/css 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/660147be42c/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 254266
cf-polished: origSize=78232
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 25 Mar 2024 09:46:13 GMT
server: cloudflare
etag: W/"05d886069cda40a8e20243d226b04764"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b1eb4e40c1-SIN

GET
H3 200 2-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 5707 8 KB
3 KB 20ms
20ms Image
image/svg+xml 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/2-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50de8f6262195f17b98c0225b263474678932f3bbd906faa8395f1683ad4627f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1514223
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"0d87293a5bd9446532da7b9b1f03c983"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 86bda8b1fb5940c1-SIN

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 41ms
8ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 29 Mar 2024 06:03:49 GMT
age: 7240880
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
x-served-by: cache-fra-eddf8230136-FRA, cache-qpg120084-QPG
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 5707 10 KB
11 KB 18ms
17ms Font
font/woff2 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://embed.tawk.to/_s/v4/app/660147be42c/css/bubble-widget.css
Origin: https://www.totonesia1.cfd
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 06:03:49 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 339438
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 86bda8b22cec4810-SIN

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
263 B 209ms
208ms Fetch
text/html 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/660147be42c/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 29 Mar 2024 06:03:50 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.totonesia1.cfd
access-control-allow-credentials: true
cf-ray: 86bda8b7aad94810-SIN
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-n0tj

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 268ms
265ms Preflight 172.67.38.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.38.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.totonesia1.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.totonesia1.cfd
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86bda8b6092b4810-SIN
date: Fri, 29 Mar 2024 06:03:50 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-2dhx

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 18ms
6ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LJ6E47MLCV&gtm=45je43r0v882350878za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=107&tfd=6041
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJ6E47MLCV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 6ms
5ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-JGTZ8V6H61&gtm=45je43r0v9171333107za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=652&tfd=7032
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JGTZ8V6H61&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 6ms
5ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ZZDH0S9F4C&gtm=45je43r0v9171936010za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=612&tfd=7052
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZZDH0S9F4C&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 5ms
4ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BEBCJEYNCQ&gtm=45je43r0v9173543451za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=569&tfd=7068
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BEBCJEYNCQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 5ms
4ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TLQ113LLQ1&gtm=45je43r0v9172294656za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=518&tfd=7080
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLQ113LLQ1&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 289ms
288ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NV886QV9R6&gtm=45je43r0v9174261398za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=471&tfd=7093
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NV886QV9R6&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 276ms
275ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LH4W4THG83&gtm=45je43r0v9171027496za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=439&tfd=7104
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LH4W4THG83&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 243ms
242ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5VH76118PX&gtm=45je43r0p1v9172114953za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692226&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=380&tfd=7138
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VH76118PX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 209ms
208ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0H65Y292VE&gtm=45je43r0v9172373758za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=325&tfd=7173
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0H65Y292VE&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 195ms
195ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-BJSJ9D5YCT&gtm=45je43r0v9174388351za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=286&tfd=7178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BJSJ9D5YCT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 187ms
186ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QF69KEJ9DS&gtm=45je43r0v9171282256za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=237&tfd=7188
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QF69KEJ9DS&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 8ms
7ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TBXS3Q9T1W&gtm=45je43r0v9174081996za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=131&tfd=7393
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TBXS3Q9T1W&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 8ms
7ms Ping
text/plain 64.233.170.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-7SC1Z52620&gtm=45je43r0v9174388528za200&_p=1711692225587&gcd=13l3l3l3l1&npa=0&dma=0&cid=569908336.1711692226&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1711692227&sct=1&seg=0&dl=https%3A%2F%2Fwww.totonesia1.cfd%2F&dt=TOTONESIA%20%3A%20SITUS%20GAME%20ONLINE%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=56&tfd=7396
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7SC1Z52620&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 64.233.170.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f100.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.totonesia1.cfd/
accept-language: zh-SG,zh;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 29 Mar 2024 06:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totonesia1.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga Value: GA1.1.569908336.1711692226
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_LJ6E47MLCV Value: GS1.1.1711692226.1.0.1711692226.60.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_JGTZ8V6H61 Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_ZZDH0S9F4C Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_BEBCJEYNCQ Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_TLQ113LLQ1 Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_NV886QV9R6 Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_LH4W4THG83 Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_5VH76118PX Value: GS1.1.1711692226.1.0.1711692227.59.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_0H65Y292VE Value: GS1.1.1711692227.1.0.1711692227.60.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_BJSJ9D5YCT Value: GS1.1.1711692227.1.0.1711692227.60.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_QF69KEJ9DS Value: GS1.1.1711692227.1.0.1711692227.60.0.0
www.totonesia1.cfd/	1969-12-31 23:59:59	Name: twk_idm_key Value: lyVKFwx6CxKOXMmkP509j
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_TBXS3Q9T1W Value: GS1.1.1711692227.1.0.1711692227.60.0.0
.totonesia1.cfd/	1970-01-21 05:04:12	Name: _ga_7SC1Z52620 Value: GS1.1.1711692227.1.0.1711692227.60.0.0
www.totonesia1.cfd/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.totonesia1.cfd/	1970-01-20 23:47:24	Name: twk_uuid_60ddd3ad65b7290ac638e9ff Value: %7B%22uuid%22%3A%221.7xYjBN5Wkk1fJEfzB3FcYwL5czTvk2i9CyxDdaJL8rR1P6BXrpWD8ZyHVnbhgCLvmVbTKNxfFhwuwfpeSS9BuiGNR11Q9mtQ288LVR4iU6AiSG9t4W2liskV%22%2C%22version%22%3A3%2C%22domain%22%3A%22totonesia1.cfd%22%2C%22ts%22%3A1711692229231%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.totonesia1.cfd/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://www.totonesia1.cfd/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
stats.g.doubleclick.net
totonesia1.cfd
ttn.suksesbersama.xyz
va.tawk.to
www.google.com.sg
www.googletagmanager.com
www.totonesia1.cfd
142.251.10.94
172.64.129.7
172.67.129.192
172.67.182.205
172.67.38.66
2404:6800:4003:c0f::5e
2404:6800:4003:c0f::5f
2404:6800:4003:c0f::61
2404:6800:4003:c0f::71
2404:6800:4003:c1c::5e
2404:6800:4003:c1c::9a
2606:4700:3033::6815:2df
2606:4700:4400::6812:2844
2a04:4e42::485
64.233.170.100
74.125.200.155
0064f5946529b92ba0301f7a2927cf1ca3d925db6eff78b688bc5f28990a8dd8
02735c005820a28881beaf88a8ac088c03f66f67fde5baf94b1142d93080d76f
042d0c24ee245f6fb521a19c426fc8a4a6b9e38bf38d8260c95ce9da2897b4be
0a467d84e08aee79f92f87bbce7546c9f9487cee3108d5df924200cafbcb7898
0d95ae0bbfe71d557544040ade1602482277a9d859f59693a0e1c84149e0ebbd
0ee5f5422f350bb6e9d0b88197308615cf47f61af119449342ed9be24ad8b3be
11f00f51babfd76e54441cb558218966d6bea432003d3ac2f862aeb159fd6613
136ab1f5b8a754fd49776d1480dc25c21eec614961ceffcccd8731e54dd4c63e
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
15e017480222304b17c045ad9a3f90c5f89368e1a8af6f9bab2aed5574a064cd
169565dd29d1494d6f2f064c39b9a8adba6fc5bf3af689b515192e98641f71eb
18c3d8a0ad008e34117c40f22a38aa59daa186cd7ca8cf7bf2191d602a0a0301
1fb53e33cf2efffb0bcf67ca7212dd12a9730bdf48ae7d3af4299d88df067bda
246894ad83365e8033cf2e6d39a8c140f03af24bc94f6ff0e5ac944b003bf849
26c00c91aa26f8a81dc41fe7ca0db1dfd849180200596138437f2ca57357dd0f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b3364bf5fb302073d658ea65b05b7980ca081be1041d47ec8a528c82f7e1b49
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2be6b6a43e5cf223825ebe084d26f485fc215aa7c9d9260eb69c37ea74ae5cea
2ef7672ca46b7742d7977c7b079572ef699b907c4aeae9c396d57fecfe7005ee
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
31d21898ede7cb1471c88db62a9cd4f53c960d05251944a5fea532725dc42df0
33be661e2d335046642b1194ea6d6877e789b3a21fba9f46382cb02020da6d3e
37111a262e25d34daf200a6db5fc0dea56baa790215c965a3746ae82e568d55c
3838f94b473c4bae3ee25bf32dfca43666df9083e9efcf73307d62cbf019d68e
4015e979de10b58534ef710b4fd748da5e5d7a0746961dc9c8c5859f0ad26d13
43bf4e7e2b09a9f0c8cdf68997f86aab5caf925c42f628ea66affc1d04e7a21f
444ab3012bfbf1a0eaa0ac3d1fc421d00b23dfa135fd0042e7e659f9b872b33e
47259cea1ad2b7288646f2df92105a2229b8cc97d44c540ad29b37c49b33c7af
4862faa99c1c7d4b1a4044d094b8b21bcd07ee0ac70ea96b0f7058fe765853e7
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76
50de8f6262195f17b98c0225b263474678932f3bbd906faa8395f1683ad4627f
5285275760ce24f97fc85a2aa7a705e2bfcdebe875a6028441382d2ca36b3f1c
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
55a56b01d8c7be22482049288972baac8cdcbef8b76761268b84a921955a2a5a
5dc5b09459c4a2168ef2e4eeb84d73a78f49d9cb63236656ac5b8bb86445bbf9
62a9f80b187e5f104453fa153e4a5c561dd5cd075150b083c59b5c47f7b79306
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be
67f2855c77baa1472085a0334e6f3abf6357f77ffa50b0312882f5353b5c756b
68ed4dd0f34e035fffd95720051fb451a24990dfd2db58ab61159e6cbe685ce0
6cbf96cf03421e83512d4519e1beae3f6f10598533f97c545b62920ed3c67465
6e2776a3f8d13e94909378d908ee3a8964de68ebad72bbd525f67cf331376309
6f578841271e49a72efc7e9281a47907aac4269038f674162955b82b8ca174d3
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
71bd307cd6364578bada5d731f5e296ec046ecadc65b2797a441cca2bdab990c
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
8209a6afff99cc7c95515093b180dc71de478f829b1c8faf443dbf904a8f5db3
870ca73c28b66e99c0124e1a8569128809a948c1a5c799f1c7c87d90c526d9d1
88de73894aeee4a15c705516790ca6cb7e5634799645bec81aab920047a9fd91
88e5bdba1829dd6ef929e28f88bb66cbfed90f10d4c293b48ff76502dd253552
89b74e925eff61782241869fcff81df24b34b57200b16a050b95405d8c7e92cf
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
91296b2b3c6df709c3ef5351db5f836c4c5ad1d5806c320849528de327ea9a50
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
94363dc3049b3e6f58c7582fd050438b990bd2a98f8929f8da18124821fa9ed0
9541f1cb2abfeadf5c5e508a0ebe9117ebc596878bd3f884d0bbfc7c3cf34804
95778d8b7b295c3a8478a37581a5eb84dc6b896a0a844c6e7a0504eaed0fc7c3
972de8c5257c5c31f0ae45016595089022e4f82e766cec78fb40c997bfbac75f
97beb2038b528ea5e5168581234557b8a159a5dcc8f4bf62e70751867bec7a76
9f12bd968fc23a6c4bb202c1d8f783c416fb14c64fca90b41cdd6877d16ee3a9
9f8ebeaf568fb10d75c95b5776a68b9a90f5a6610ca376ae19c3763577a76f1a
a31616ec8a3976e036fc2c4a4d05acb6bfeb635199c44ae6f9ceb51212be3086
a3488619ebc4cd91220a7094e48c99e38a660bda7187721082dcb7d7b7b076dc
a44bb2201ebef1e358dc644a8d876ec52e27629253ed9c1b8bd09bcfe9d2b9a1
a70b9c35014517bdd4c2b1f094d0fc7dae44ba0fd5fda97911ae8f690ed6db69
a8d11b1a10bd9d92e8cb5e63a1aa03e1bdeefb6f9779b276bf20283ab1efa827
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368
ad73144d81bb8a6d03ac78735880786fbea89b93632dd0e3d3b2de444cf85034
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab
ba0899b23dac99e10e2e4f46ad8ee1b2509ac0ad5f7c442ee6746db6afed921f
ba4ed7985fc12fc747b3e907a2d52bc9fcd57ad8c2ae587918bf27ce55dbca2f
bd45048da71271b2da1dfb276a254f793bc7962473c02c4b88538133fb82f8d5
c05f5e7ea0654d6cd2d2d25714f92a8a61f924ddb3bef394dff1a16b6e8d9743
c564db0ba01aac7703903e3237960e3f3f7179893a0525a265e4c328c0336f23
c5f1766815ca808d6c2b7eddbce76e8cfae175c1bc374e29070d07cfbbe77f52
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d32d610f7b283b1882efc35ee89e4c27eddd9d868046313a61550f5ad928fd2c
dd5bbe8e388cdac2afe154990f9015538bdf6c7fc5d878d373a984466d0f653a
de061be7bea90fdfa6759cd94f7e8f3467c0924627823a1712394cc4e41e4ece
e1244c72ec23d69f6bd14f92a26684b79030de0ab4d5e4ee5d4628b787164eeb
e2cefdac4e086c2f4853aa1b5e7f57e4a7716ea1d846aba4a3c134fc35b97b6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e76278d6ad454ce215d4071b3d0fd0aaceed73feceaacf6f68ff975bb53b63b5
eb94ff450149e7c47fce75f945ba83f4bea2eaa3c2b70d802945e118508928de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

www.totonesia1.cfd Open in urlscan Pro 2606:4700:3033::6815:2df Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

100 %HTTPS

56 %IPv6

11 Domains

14 Subdomains

16 IPs

2 Countries

3797 kBTransfer

9611 kBSize

17 Cookies

41 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.totonesia1.cfd Open in urlscan Pro
2606:4700:3033::6815:2df Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

100 %
HTTPS

56 %
IPv6

11
Domains

14
Subdomains

16
IPs

2
Countries

3797 kB
Transfer

9611 kB
Size

17
Cookies

144 HTTP transactions
0 data transactions