Overview

URL lokerantik.com/category/manajemen
IP198.252.111.236
ASNAS20068 Hawk Host Inc.
Location Canada
Report completed2018-06-15 06:47:56 CEST
StatusLoading report..
urlQuery Alerts Crypto currency mining script


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-06-15 06:47:25 CEST 1  217.182.164.9 Client IP ET CURRENT_EVENTS Observed Malicious SSL Cert (Coin-Hive In Browser Mining)


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-06-15 2 coin-hive.com/lib/coinhive.min.js Malware
2018-06-15 2 coinhive.com/lib/coinhive.min.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 198.252.111.236

Date UQ / IDS / BL URL IP
2018-10-01 19:31:56 +0200
0 - 0 - 1 bocxeptphcm.net/966956636809112181088866263859.zip 198.252.111.236
2018-10-01 12:27:13 +0200
0 - 0 - 35 banmaybomnuoc.com/ 198.252.111.236
2018-09-30 05:49:16 +0200
0 - 0 - 3 video.casanova.vn/ 198.252.111.236
2018-09-07 15:59:11 +0200
0 - 0 - 1 rainwaterzone.com/tag/personal/ 198.252.111.236
2018-09-07 00:37:27 +0200
0 - 0 - 1 rainwaterzone.com/tag/platformstand/ 198.252.111.236
2018-09-06 20:59:06 +0200
0 - 0 - 1 rainwaterzone.com/tag/copper/ 198.252.111.236
2018-09-06 20:57:22 +0200
0 - 0 - 1 rainwaterzone.com/tag/ometep/ 198.252.111.236
2018-09-06 19:51:17 +0200
0 - 0 - 1 rainwaterzone.com/tag/sabuco/ 198.252.111.236
2018-09-06 19:50:44 +0200
0 - 0 - 1 rainwaterzone.com/tag/sheikh/ 198.252.111.236
2018-09-06 15:28:24 +0200
0 - 0 - 1 rainwaterzone.com/tag/subterranean/ 198.252.111.236

Last 10 reports on ASN: AS20068 Hawk Host Inc.

Date UQ / IDS / BL URL IP
2018-11-21 05:39:35 +0100
0 - 1 - 0 datenew.tk/ 198.252.108.5
2018-11-21 00:07:07 +0100
0 - 3 - 0 lastbookcollection.tk/ 198.252.106.197
2018-11-20 22:01:31 +0100
0 - 1 - 0 obatoles.ml/ 198.252.106.234
2018-11-20 20:22:53 +0100
0 - 0 - 2 life.jrubbish.com/archives/16575 198.252.107.153
2018-11-19 15:56:20 +0100
0 - 0 - 1 https://climbersenthusiast.org/exe/onedrive/s (...) 198.252.111.4
2018-11-18 16:30:13 +0100
0 - 1 - 0 jelaspoker.gq/ 198.252.111.28
2018-11-18 00:47:40 +0100
0 - 1 - 0 darkraw.ga/ 198.252.106.217
2018-11-16 15:16:02 +0100
0 - 0 - 35 mekongdelta.travel/ 198.252.107.90
2018-11-15 11:38:52 +0100
0 - 1 - 0 goodcheapbook.ga/ 198.252.106.197
2018-11-15 10:02:26 +0100
0 - 1 - 0 capsadomino.website/ 198.252.111.28

No other reports on domain: lokerantik.com



JavaScript

Executed Scripts (35)


Executed Evals (0)


Executed Writes (7)

#1 JavaScript::Write (size: 632, repeated: 1) - SHA256: 81fd0921a9805673d1a8bdcce4b180aa1cf1d89644bdf5917665a8f2793c4aaa

                                        < !doctype html > < html > < body > < iframe style = "display:none"
data - ad - client = "ca-pub-9906976558496952"
id = "google_esf"
name = "google_esf"
src = "https://googleads.g.doubleclick.net/pagead/html/r20180613/r20180604/zrt_lookup.html#" > < /iframe><script>google_pub_vars=window.parent['google_sv_map']['aswift_0'];google_iframe_start_time=new Date().getTime();google_async_iframe_id="aswift_0";</script > < script > window.google_process_slots = function() {
    window.google_sa_impl({
        iframeWin: window,
        pubWin: window.parent
    });
}; < /script><script src="http:/ / pagead2.googlesyndication.com / pagead / js / r20180613 / r20180604 / show_ads_impl.js "></script></body></html>
                                    

#2 JavaScript::Write (size: 86, repeated: 1) - SHA256: be0c0d86345c40de83790ea4461047c1327efd0907b14d2af9f41634ceb6678e

                                        < div id = "+ADFP1x"
style = "width:300px;height:600px;" > < /div><i style="display:none"></i >
                                    

#3 JavaScript::Write (size: 1337, repeated: 1) - SHA256: 97cbf969df020212067faf4f637ad43e27939085f6c2af2e387e9c34d3a6535d

                                        < iframe id = "google_ads_frame1"
name = "google_ads_frame1"
width = "300"
height = "600"
frameborder = "0"
src = "https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&amp;output=html&amp;h=600&amp;slotname=2684312555&amp;adk=1269738611&amp;adf=807048394&amp;w=300&amp;lmt=1529038044&amp;loeid=201222032&amp;guci=1.2.0.0.2.2.0&amp;format=300x600&amp;url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&amp;ea=0&amp;flash=10.0.45&amp;wgl=0&amp;adsid=NT&amp;dt=1529038045928&amp;bpp=31&amp;fdt=38&amp;idt=266&amp;shv=r20180613&amp;cbv=r20180604&amp;saldr=aa&amp;abxe=1&amp;correlator=7792352631357&amp;frm=20&amp;pv=2&amp;ga_vid=1836815214.1529038047&amp;ga_sid=1529038047&amp;ga_hid=1013072188&amp;ga_fc=0&amp;icsg=0&amp;dssz=0&amp;mdo=0&amp;mso=0&amp;u_tz=120&amp;u_his=1&amp;u_java=1&amp;u_h=885&amp;u_w=1176&amp;u_ah=855&amp;u_aw=1176&amp;u_cd=24&amp;u_nplug=10&amp;u_nmime=92&amp;adx=720&amp;ady=93&amp;biw=1159&amp;bih=754&amp;scr_x=0&amp;scr_y=0&amp;eid=368226400%2C201222022%2C21061122&amp;oid=3&amp;rx=0&amp;eae=4&amp;fc=528&amp;brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&amp;vis=0&amp;rsz=%7C%7C%7C&amp;abl=CS&amp;ppjl=u&amp;pfx=0&amp;fu=16&amp;bc=1&amp;ifi=1&amp;dtd=827"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
scrolling = "no"
allowfullscreen = "true" > < /iframe>
                                    

#4 JavaScript::Write (size: 69, repeated: 1) - SHA256: 616c680a3c971cc788f5e124a3fdfa2c36f2b63376636fb5006713ad0b57a4c3

                                        < script src = 'http://www.statcounter.com/counter/counter.js' > < /script>
                                    

#5 JavaScript::Write (size: 105, repeated: 1) - SHA256: 4c622e185a176efda9a069b3c67bf0aea415663052a3f277bc9af6e654b5ff73

                                        < script type = "text/javascript"
src = "https://s1.adform.net/stoat/610/s1.adform.net/bootstrap.js" > < /script>
                                    

#6 JavaScript::Write (size: 1062, repeated: 1) - SHA256: 9bd1fcdb1088abccf5798250fa60cfd13456aaeed73bd2de779975bbacf350a5

                                        < script type = "text/javascript"
src = "https://track.adform.net/adfserve/?CC=1&bn=22912596;rtbwp=WyNE3gAOuVcKso8CAAhwW62uVEVEVENr4uvXRQ;rtbdata=R9Mdx73pibSBugIUALdhquE-t2VBQO7Le0utZtYgQXzO-4VVE52e5XGSX0P4P2FHox1u06CRWq-dXntd1vE9Zts4AaEegQtIf4ofFRiWbO__VON51MsDddtwvddY8tsVQXCOy6P1cLv40Az4d7Bf7UWf7cr_JzAW55tPNyvDOyIwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGQsPQlfWWDcg2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CIYW83kQjW9fyOoKeygXb4KHgB53Gn_FN9Zvb_t8CwI23ARABIABgw9ykhZgYggEXY2EtcHViLTk5MDY5NzY1NTg0OTY5NTLIAQmpAlq5t9iK3YQ-qAMBqgSKAU_QC-rKlF5GpPF7vTy4MaPqKdsMc2KHib-1bK8S19_0N72L4-cwcWKcdIG1SaZ1yqzEaeDKe9gm4vQevRYqyREfzN0qXKZDeK8Zz7RCDd1520ngQVE9yBy99Q06CJSnnvYRaIOG7Dywykq4D6ZlWRdZ9TygxMyfHVJXmC_VF66Kkvfy3BhNkSRSQ4AG1fGA0fX1gPJvoAYhqAemvhvYBwDSCAcIgOGAEBAB&num=1&sig=AOD64_3XCbA5179LoZGRkzlJC2Xjy0_S9g&client=ca-pub-9906976558496952&adurl=;js=1;adfxid=1x;5299;set=en-US|en-US|1176X885|10.0452|300|600|24|8|3|7|1;fd=0|0&CREFURL=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen" > < /script>
                                    

#7 JavaScript::Write (size: 590, repeated: 1) - SHA256: 825da465ba8359dfb285417c0184a7ec0fde7ea2711334f10bb976e06b3f130b

                                        < span class = "statcounter" > < a class = "statcounter"
href = "http://www.statcounter.com"
target = "_blank" > < img src = "http://c.statcounter.com/t.php?sc_project=11447196&amp;java=1&amp;security=d2251776&amp;u1=3426D64A4ABA4F55269B7F85FBAEF888&amp;sc_random=0.30203276348434493&amp;jg=new&amp;rr=1.1.1.1.1.1.1.1.1&amp;resolution=1176&amp;h=885&amp;camefrom=&amp;u=http%3A//lokerantik.com/category/manajemen&amp;t=Manajemen%20%7C%20Lokerantik.com&amp;rcat=d&amp;rdom=d&amp;rdomg=new&amp;bb=1&amp;sc_snum=1&amp;sess=7a9eb4&amp;p=0"
alt = "StatCounter - Free Web Tracker and Counter"
border = "0" > < /a></span >
                                    


HTTP Transactions (49)


Request Response
                                        
                                            GET /category/manajemen HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
X-Powered-By: PHP/5.6.36
Link: <http://lokerantik.com/wp-json/>; rel="https://api.w.org/"
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:24 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: close


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5992
Md5:    dbd470c52d2945989f6822a51ddf3429
Sha1:   9a7c4dbfe39a41f68e9a2b5e46899272786841d5
Sha256: 801fbdf2725e839849645779d267b222e3c8c4cea09bcfc88755b6ecb598d11b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:24 GMT
Server: Apache
Last-Modified: Thu, 14 Jun 2018 02:36:34 GMT
Expires: Thu, 21 Jun 2018 02:36:34 GMT
Etag: 4069055551EE2FF443752400750AC52089764172
Cache-Control: max-age=509949,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp32
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    ada882c2873d9bc78ff38bf5929c2080
Sha1:   4069055551ee2ff443752400750ac52089764172
Sha256: dd0f21aaf9225447d95aa376a350acf9d90cbad6373dde07a101c4ee230e6399
                                        
                                            GET /wp-content/themes/Nyeo-bawaan/style.css HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:24 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:54 GMT
Content-Length: 3504
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:24 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3504
Md5:    b067f29984cfef35572171f1daa2bf45
Sha1:   7ca1fee2b451d014f1a327801ef3fdffbd2c4b37
Sha256: 329c9e757f502bd8c2e4dae4ee01cde82201c647cbebe503d786dbf7189670ca
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:24 GMT
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Expires: Tue, 19 Jun 2018 01:16:20 GMT
Etag: 990787E64B5D1F96C72B2061E3F0144A07F045D2
Cache-Control: max-age=332335,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp32
Content-Length: 727
Connection: close


--- Additional Info ---
Magic:  data
Size:   727
Md5:    c8ecef5a7181d8d7c39d8ae06ebb7c04
Sha1:   990787e64b5d1f96c72b2061e3f0144a07f045d2
Sha256: 87012060245a4444849459a31b945668516ba7dbfbd16396f7ea8ca71136f671
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:24 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:55 GMT
Content-Length: 4303
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:24 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4303
Md5:    cbb781ab16adc76588b488d1e472b8a9
Sha1:   85455b9c0b265a0bb9815ce834c67972ff0d437d
Sha256: 4ae120ba11bfa1cb6f71ceeecc5b6a0abe34cb4fb195a46ef3a85b40d1e1244e
                                        
                                            GET /pagead/js/adsbygoogle.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:25 GMT
Expires: Fri, 15 Jun 2018 04:47:25 GMT
Cache-Control: private, max-age=3600
Etag: 11613567774189457861
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 27282
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   27282
Md5:    29ee89be04e2643eb848bd64e76f651e
Sha1:   88bb4f7d941a8eed5309ab27a66543082829abcf
Sha256: 8ee60ca647a55e0b439ea15a9031bc50ec1f967a85937e03cf6de8933f2fb97f
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:24 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:55 GMT
Content-Length: 39407
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:24 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   39407
Md5:    52e2b84578787767c3c49a3b193b94a4
Sha1:   99a84318ca297a4d061b7008e1c3e3e806a79d3c
Sha256: d9a40b219cc9307378ddb0cd864a73518bb83a249abdf3ef0edbeb8c3eca79df
                                        
                                            POST / HTTP/1.1 
Host: ocsp.usertrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         178.255.83.1
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:25 GMT
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Expires: Tue, 19 Jun 2018 01:16:20 GMT
Etag: AE4B185B2ECC39CC7C8F4124E5AEB796F5ECC58F
Cache-Control: max-age=332334,public,no-transform,must-revalidate
X-OCSP-Responder-ID: rmdccaocsp32
Content-Length: 471
Connection: close


--- Additional Info ---
Magic:  data
Size:   471
Md5:    e21c39af1710d2a6de021715d268f796
Sha1:   ae4b185b2ecc39cc7c8f4124e5aeb796f5ecc58f
Sha256: eee7a074c25f2f892d51e619013f11662e8783769f8b1573b1dca114d77632f5
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.6 HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:25 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:55 GMT
Content-Length: 4721
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:25 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4721
Md5:    5b6571d9b92124b4b0d6307293dc521b
Sha1:   d302e67cf403ee3525fcd4487b1e13361e73d862
Sha256: 5e8e173ea063c987a9cf2dcc8f7636e8f114f669bb4d926c00ab40317850443a
                                        
                                            GET /wp-content/uploads/2016/11/kerjayu.jpg HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:24 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:54 GMT
Content-Length: 38260
Date: Fri, 15 Jun 2018 04:47:24 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   38260
Md5:    39077dd904766d0478c7ee9f13f46889
Sha1:   c6494c38cb32acbac59b77a5f6a3941054fdc361
Sha256: 3a2c1987d9e01a5048893f0ed053a6052cffdfe7584dbe981f0307470dd5c231
                                        
                                            GET /wp-content/uploads/2016/11/loker-terbaru-pt-100x80.png HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:25 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:54 GMT
Content-Length: 12126
Date: Fri, 15 Jun 2018 04:47:25 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 100 x 80, 8-bit/color RGBA, non-interlaced
Size:   12126
Md5:    d55289daf697a96ecb0dbf2846bfd1fc
Sha1:   b94e044f75c6245b6ee668e287ef67351eb5b104
Sha256: 03fc8eda4c37bb843906e1dc95b7fcf5abda71379873bfc91690506e209cec27
                                        
                                            GET /wp-includes/js/wp-embed.min.js?ver=4.9.6 HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:25 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:55 GMT
Content-Length: 765
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:25 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   765
Md5:    36d31e5e90ecad1726b083b201f01ac2
Sha1:   a932a9781ee6d270e4505dc5ed28e3108f9ee851
Sha256: c141ad9f1aa165b8ed384d8a8b755e763ea6b1696163e405d717af7ba2783f80
                                        
                                            GET /lib/coinhive.min.js HTTP/1.1 
Host: coin-hive.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         217.182.164.9
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:25 GMT
Content-Length: 178
Connection: keep-alive
Location: https://coinhive.com/lib/coinhive.min.js


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  urlquery:
    - Crypto currency mining script
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 116
Content-Type: application/ocsp-request

                                         
                                         80.239.159.10
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 12 Jun 2018 03:54:32 GMT
Etag: 660EB12B8B51BE2C961D0C42BB501A0087C8D448
X-OCSP-Responder-ID: rmdccaocsp35
Content-Length: 472
Cache-Control: public, no-transform, must-revalidate, max-age=1605
Expires: Fri, 15 Jun 2018 05:14:10 GMT
Date: Fri, 15 Jun 2018 04:47:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   472
Md5:    327674570f1234acd0c1f5e7f2dda7de
Sha1:   660eb12b8b51be2c961d0c42bb501a0087c8d448
Sha256: 771301c0a1d641d100bb4f8a27bc0b23512c0fd935c4217afe87e9d4b1b75ab9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca4.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         80.239.159.10
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Last-Modified: Tue, 12 Jun 2018 01:16:20 GMT
Etag: AA24BC0AB6199DB26754048E01DEABEC8865E132
X-OCSP-Responder-ID: rmdccaocsp35
Content-Length: 727
Cache-Control: public, no-transform, must-revalidate, max-age=674
Expires: Fri, 15 Jun 2018 04:58:39 GMT
Date: Fri, 15 Jun 2018 04:47:25 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   727
Md5:    ffe8ad370cab78d4371f0e117a2b7b3b
Sha1:   aa24bc0ab6199db26754048e01deabec8865e132
Sha256: a141ea45dcd11600e92172ef17c0671de74d8af3f7d0ae14a8cbbebeb1c44e5e
                                        
                                            GET /lib/coinhive.min.js HTTP/1.1 
Host: coinhive.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         104.20.208.59
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Fri, 15 Jun 2018 04:47:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd8ef468861708d1c87970b0f7142c0e41529038045; expires=Sat, 15-Jun-19 04:47:25 GMT; path=/; domain=.coinhive.com; HttpOnly
Last-Modified: Wed, 11 Apr 2018 09:53:07 GMT
Etag: W/"5acddb03-40063"
Expires: Fri, 15 Jun 2018 12:47:25 GMT
Cache-Control: public, max-age=28800
Access-Control-Allow-Origin: *
Content-Encoding: gzip
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 42b26608be1d42a3-OSL


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   68258
Md5:    aace5e5a34519cdd9c971d57f21e5d82
Sha1:   ceecd09dbe85c771648f2ce6942fe9707c6f31f4
Sha256: ef2f23c272fb07e8e93f26cf6051bd2c3d377cf54e2431f9fdd6666852749e62

Alerts:
  urlquery:
    - Crypto currency mining script
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2016/11/loker-pt-at-indonesia-100x80.jpg HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:25 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:54 GMT
Content-Length: 1828
Date: Fri, 15 Jun 2018 04:47:25 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   1828
Md5:    32ba76874d282c22abf41dd0478f5af0
Sha1:   d5c0fcdde2a7746e45cd53f74dc24833006d0e86
Sha256: ffa1fcb9304ced534d2e8301c9fc6077d38505f039dc4ad47714d850ae1dd51e
                                        
                                            GET /wp-content/themes/Nyeo-bawaan/js/js-mainmenu.js?ver=4.9.6 HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:25 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:54 GMT
Content-Length: 221
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:25 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   221
Md5:    ac4b41882542b5d5edcc45b2fdd1b096
Sha1:   a7e2c1d9dc053415d9dd51942bbfee90f9880a1f
Sha256: 224a096a0ecdf23c83f5355ee92669765dc1de36006a5405bb0c9a624f64dd0a
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:25 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    0f8be705efb9a8158e5aa9023d1eeb01
Sha1:   e36ca6a2fdb3b97a3f430de824755d473218875d
Sha256: 9422b7e7144cc71d7eae2f1ed067f765b74307d7c6d4ee5108ca863b0fefa7a6
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:25 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:25 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    941f7971bdb2e14d8c774d9f9e9f598a
Sha1:   4a519dcb5ea510d5b1520bfbe6d937e72f243c89
Sha256: 78a60d2cafeaca099b91b0793761ab393153c14e4681adb3f4cb8c55c1c688f4
                                        
                                            GET /adsid/integrator.js?domain=lokerantik.com HTTP/1.1 
Host: adservice.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Fri, 15 Jun 2018 04:47:25 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /adsid/integrator.js?domain=lokerantik.com HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
P3P: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Date: Fri, 15 Jun 2018 04:47:25 GMT
Server: cafe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   104
Md5:    835dc76a57166c8b5b88275a570d1891
Sha1:   0d7e8826520cdadf8db62583b25e26149af2c8ce
Sha256: 6441b99ce0ba328cabe2ff8d6167c3ac47f8d67fc469689fd925f7b57761c333
                                        
                                            GET /pagead/js/r20180613/r20180604/show_ads_impl.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Fri, 15 Jun 2018 04:47:25 GMT
Expires: Fri, 15 Jun 2018 04:47:25 GMT
Cache-Control: private, max-age=1209600
Etag: 4926544748616122962
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 70143
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   70143
Md5:    bdf2228bfa6c76a68c98e0f1c7b5c60b
Sha1:   4295d1ff5b9d933327040493847220d85433736a
Sha256: a06596a08662f5b986c260819264a8232370fa19bf4dd864a706b364bf0328a2
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:26 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    43f476d97c204025cf1123df302d3135
Sha1:   73d7a3feacf291e4c80eaf82a1ef4aa2b2572f24
Sha256: c9195dfbc5f04a99e8bc5a6ceb76840d7189a25c50c45ffdbe285958bee3c723
                                        
                                            GET /wp-content/themes/Nyeo-bawaan/img/list.png HTTP/1.1 
Host: lokerantik.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/wp-content/themes/Nyeo-bawaan/style.css

                                         
                                         198.252.111.236
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Cache-Control: public, max-age=604800
Expires: Fri, 22 Jun 2018 04:47:26 GMT
Last-Modified: Wed, 18 Apr 2018 03:16:54 GMT
Content-Length: 123
Date: Fri, 15 Jun 2018 04:47:26 GMT
Accept-Ranges: bytes
Server: LiteSpeed
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 4 x 4, 8-bit colormap, non-interlaced
Size:   123
Md5:    6e31f898be5913fe2678c54788fb3e5d
Sha1:   35d06da4e50517eee130dff9ca4e29ca6c4d9507
Sha256: 7c8d980245d336b9ecc767840438a97c440ca88919d31d150ee498873044fe69
                                        
                                            GET /pub-config/r20160913/ca-pub-9906976558496952.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 125
Date: Fri, 15 Jun 2018 04:47:26 GMT
Expires: Fri, 15 Jun 2018 16:47:26 GMT
Cache-Control: public, max-age=43200
Last-Modified: Thu, 14 Jun 2018 22:49:09 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   125
Md5:    21aea2dae0239adff4f9f063cdacfc76
Sha1:   ce64c497ac1dd86393da79e8cea239de113c1de7
Sha256: a59ee78166b8467dd7dd8c7acb03d8df7d16cf4a04f45c8558366df1c33b868f
                                        
                                            GET /pagead/js/r20180613/r20180604/osd.js HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 14 Jun 2018 04:39:59 GMT
Expires: Thu, 28 Jun 2018 04:39:59 GMT
Etag: 3904269307053913741
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26581
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 86847
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26581
Md5:    fbaf30981770e8e6717f4d6e0a79e829
Sha1:   766daae04287db41a4d415bd2ff67bcb9aa740fa
Sha256: 36283f424b87e260fcba6da7d4480042afc0279fa9b8f3b7ee97396144747b5f
                                        
                                            GET /pagead/html/r20180613/r20180604/zrt_lookup.html HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Thu, 14 Jun 2018 04:40:44 GMT
Expires: Thu, 28 Jun 2018 04:40:44 GMT
Etag: 4726315756816018096
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 6958
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 86802
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   6958
Md5:    10e890f6add5412ceb6551110efc6a5a
Sha1:   2931281ad4cc4612fc4f51d293476b6447d24df0
Sha256: 7b9de2bf9579846089a25c5cc861e2de3e7b91f3867e528478a7badb2f6da1f0
                                        
                                            GET /counter/counter.js HTTP/1.1 
Host: www.statcounter.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         91.194.204.153
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Fri, 15 Jun 2018 04:47:26 GMT
Server: PWS/8.3.1.0.14
X-Px: ht h0-s1022.p4-ams.cdngp.net
Etag: W/"59034540-7083"
Cache-Control: max-age=43200
Expires: Fri, 15 Jun 2018 10:11:55 GMT
Age: 23731
Content-Length: 10411
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 28 Apr 2017 13:36:00 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   10411
Md5:    76fd35609823ca67dff9d7be59b45e36
Sha1:   b5d1acf76d05f59c5b237ccd864fe2ac500720ad
Sha256: 0881d77aaf767a2e38bda49eb01953c4a3a18c98b4d794ab74f4acf85352a0fb
                                        
                                            GET /pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Fri, 15 Jun 2018 04:47:27 GMT
Server: cafe
Cache-Control: private
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=CheckForPermission; expires=Fri, 15-Jun-2018 05:02:26 GMT; path=/; domain=.doubleclick.net
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Expires: Fri, 15 Jun 2018 04:47:27 GMT
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   5868
Md5:    94b1aced7102bab49830eb498a5b6791
Sha1:   d260b2cb8084bd7c197bb18a820c3052573dafa7
Sha256: 0a2a4ad73f9327ce8d5d4646f9f959b5cec66f9bde88c27f7880a0b8cb0ac275
                                        
                                            GET /pagead/adview?ai=CIYW83kQjW9fyOoKeygXb4KHgB53Gn_FN9Zvb_t8CwI23ARABIABgw9ykhZgYggEXY2EtcHViLTk5MDY5NzY1NTg0OTY5NTLIAQmpAlq5t9iK3YQ-qAMBqgSKAU_QC-rKlF5GpPF7vTy4MaPqKdsMc2KHib-1bK8S19_0N72L4-cwcWKcdIG1SaZ1yqzEaeDKe9gm4vQevRYqyREfzN0qXKZDeK8Zz7RCDd1520ngQVE9yBy99Q06CJSnnvYRaIOG7Dywykq4D6ZlWRdZ9TygxMyfHVJXmC_VF66Kkvfy3BhNkSRSQ4AG1fGA0fX1gPJvoAYhqAemvhvYBwDSCAcIgOGAEBAB&sigh=JMgWgExCkM0&vis=0 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: test_cookie=CheckForPermission

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 15 Jun 2018 04:47:27 GMT
Server: cafe
Content-Length: 0
X-XSS-Protection: 1; mode=block
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUlxCKVIFoqp8qDSQnP2ujc7bH1-SpWiBf6z-kxTBoT7llW0bLpBgQletxof; expires=Sun, 14-Jun-2020 04:47:27 GMT; path=/; domain=.doubleclick.net; HttpOnly
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
Expires: Fri, 15 Jun 2018 04:47:27 GMT
Cache-Control: private


--- Additional Info ---
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=153805
Date: Fri, 15 Jun 2018 04:47:27 GMT
Etag: "5b22dc15-1d7"
Expires: Sat, 16 Jun 2018 23:05:06 GMT
Last-Modified: Thu, 14 Jun 2018 21:20:21 GMT
Server: ECS (arn/46BA)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    198be7e6dd4669d57efcdbe47180d5d5
Sha1:   95f408e6bbce6313cd5d9c9e9a9f519a1f03e48e
Sha256: a02922570acf307d172f36e803484689e56ac3eec3c621e6c633dce56d3d1b01
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=152301
Date: Fri, 15 Jun 2018 04:47:27 GMT
Etag: "5b22dae8-1d7"
Expires: Sat, 16 Jun 2018 22:44:53 GMT
Last-Modified: Thu, 14 Jun 2018 21:15:20 GMT
Server: ECS (arn/46A2)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    f2ee7142370997018de8ce89061357c6
Sha1:   1fce081499168e34ec81fbd651d48a75b54a0eec
Sha256: 7180eec3f922bce3bc574b11a3983a5d97c942aa78ba13a6850bb5ea812391be
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.211.14
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 15 Jun 2018 04:47:27 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c9f59094b181155d2e486cb4e7d14313
Sha1:   8e76edbe5a5b6455fa8f37a2cf26440a67664f73
Sha256: a7634e688e74381b5effbc7c4ab7c803732a40f8c799e1298850a905bd754a38
                                        
                                            GET /adfscript/?bn=22912596;rtbwp=WyNE3gAOuVcKso8CAAhwW62uVEVEVENr4uvXRQ;rtbdata=R9Mdx73pibSBugIUALdhquE-t2VBQO7Le0utZtYgQXzO-4VVE52e5XGSX0P4P2FHox1u06CRWq-dXntd1vE9Zts4AaEegQtIf4ofFRiWbO__VON51MsDddtwvddY8tsVQXCOy6P1cLv40Az4d7Bf7UWf7cr_JzAW55tPNyvDOyIwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGQsPQlfWWDcg2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CIYW83kQjW9fyOoKeygXb4KHgB53Gn_FN9Zvb_t8CwI23ARABIABgw9ykhZgYggEXY2EtcHViLTk5MDY5NzY1NTg0OTY5NTLIAQmpAlq5t9iK3YQ-qAMBqgSKAU_QC-rKlF5GpPF7vTy4MaPqKdsMc2KHib-1bK8S19_0N72L4-cwcWKcdIG1SaZ1yqzEaeDKe9gm4vQevRYqyREfzN0qXKZDeK8Zz7RCDd1520ngQVE9yBy99Q06CJSnnvYRaIOG7Dywykq4D6ZlWRdZ9TygxMyfHVJXmC_VF66Kkvfy3BhNkSRSQ4AG1fGA0fX1gPJvoAYhqAemvhvYBwDSCAcIgOGAEBAB&num=1&sig=AOD64_3XCbA5179LoZGRkzlJC2Xjy0_S9g&client=ca-pub-9906976558496952&adurl= HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827

                                         
                                         37.157.4.41
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:27 GMT
Content-Length: 1625
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Set-Cookie: C=1; expires=Sun, 15-Jul-2018 04:47:27 GMT; path=/
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1625
Md5:    418f7fddca7642051e9b8d312351f531
Sha1:   e0e67070006296c65b4c31912a04707a83fa862d
Sha256: 8c0965d115a1a4aed5016318226541ddeb57384bafb84db03ac429c94274d11b
                                        
                                            GET /pagead/js/r20180613/r20110914/client/ext/m_qs_click_protection.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 13 Jun 2018 20:35:05 GMT
Expires: Wed, 27 Jun 2018 20:35:05 GMT
Etag: 12203368232420338792
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 3669
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 115942
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   3669
Md5:    32a5ef33f8102ba0e7aed277ab63454a
Sha1:   1b97e6087ca5baed3d14d9cbe26ecc3fdc325722
Sha256: c1ddfbc4e4eddb3ea522ccb72a58e956033ecce01b4b6195f5da114d73e58edf
                                        
                                            GET /pagead/js/r20180613/r20110914/client/ext/m_window_focus_non_hydra.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 13 Jun 2018 20:08:44 GMT
Expires: Wed, 27 Jun 2018 20:08:44 GMT
Etag: 14617486786606014518
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 1411
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 117523
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   1411
Md5:    f51c071c9eeb9d0678ac063662ddc878
Sha1:   812c5a75d191bf5051671bd4914c10dab4d4e263
Sha256: e6e6a383d70030372a488b9f1945c32332e9b489d465c0c4eb71d59da20711da
                                        
                                            GET /pagead/js/r20180613/r20110914/activeview/osd_listener.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827

                                         
                                         216.58.211.1
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Vary: Accept-Encoding
Date: Wed, 13 Jun 2018 20:06:26 GMT
Expires: Wed, 27 Jun 2018 20:06:26 GMT
Etag: 16655751774877189429
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 26072
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=1209600
Age: 117661
Alt-Svc: quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   26072
Md5:    60289c9ce6eed638b9cf0437842e8046
Sha1:   aadefb24f6b1f3bb715828735d8604b5fa45f88e
Sha256: 668d0ba26c001f702e3433206902be9120b57bf79a0d41e7f26c60813013ed20
                                        
                                            GET /t.php?sc_project=11447196&java=1&security=d2251776&u1=3426D64A4ABA4F55269B7F85FBAEF888&sc_random=0.30203276348434493&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1176&h=885&camefrom=&u=http%3A//lokerantik.com/category/manajemen&t=Manajemen%20%7C%20Lokerantik.com&rcat=d&rdom=d&rdomg=new&bb=1&sc_snum=1&sess=7a9eb4&p=0 HTTP/1.1 
Host: c.statcounter.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lokerantik.com/category/manajemen

                                         
                                         104.20.2.47
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Fri, 15 Jun 2018 04:47:27 GMT
Content-Length: 49
Connection: keep-alive
Set-Cookie: __cfduid=d43694421ee733ab51701b14e2cb2c4aa1529038047; expires=Sat, 15-Jun-19 04:47:27 GMT; path=/; domain=.statcounter.com; HttpOnly is_unique=sc11447196.1529038047.0; expires=Wed, 14-Jun-2023 04:47:27 GMT; path=/; domain=.statcounter.com is_visitor_unique=1529038047152240116; expires=Sun, 14-Jun-2020 04:47:27 GMT; path=/; domain=.statcounter.com
P3P: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Server: cloudflare
CF-RAY: 42b2661243664279-OSL


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   49
Md5:    56398e76be6355ad5999b262208a17c9
Sha1:   a1fdee122b95748d81cee426d717c05b5174fe96
Sha256: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
                                        
                                            GET /stoat/610/s1.adform.net/bootstrap.js HTTP/1.1 
Host: s1.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827

                                         
                                         37.157.2.249
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Last-Modified: Thu, 31 May 2018 10:35:31 GMT
Cache-Control: public, max-age=100000
Expires: Sat, 16 Jun 2018 08:29:36 GMT
X-Cache-Status: HIT
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   13990
Md5:    6a2569db39e8d7a1e2ecb29c7d2f7855
Sha1:   161bdd7136a9bb936b11ed4dcb153f76f3545efd
Sha256: f640ec915598f5bcbcbc290104db536d02e44ef278b7da426da03fa868879621
                                        
                                            GET /adfserve/?CC=1&bn=22912596;rtbwp=WyNE3gAOuVcKso8CAAhwW62uVEVEVENr4uvXRQ;rtbdata=R9Mdx73pibSBugIUALdhquE-t2VBQO7Le0utZtYgQXzO-4VVE52e5XGSX0P4P2FHox1u06CRWq-dXntd1vE9Zts4AaEegQtIf4ofFRiWbO__VON51MsDddtwvddY8tsVQXCOy6P1cLv40Az4d7Bf7UWf7cr_JzAW55tPNyvDOyIwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGQsPQlfWWDcg2;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CIYW83kQjW9fyOoKeygXb4KHgB53Gn_FN9Zvb_t8CwI23ARABIABgw9ykhZgYggEXY2EtcHViLTk5MDY5NzY1NTg0OTY5NTLIAQmpAlq5t9iK3YQ-qAMBqgSKAU_QC-rKlF5GpPF7vTy4MaPqKdsMc2KHib-1bK8S19_0N72L4-cwcWKcdIG1SaZ1yqzEaeDKe9gm4vQevRYqyREfzN0qXKZDeK8Zz7RCDd1520ngQVE9yBy99Q06CJSnnvYRaIOG7Dywykq4D6ZlWRdZ9TygxMyfHVJXmC_VF66Kkvfy3BhNkSRSQ4AG1fGA0fX1gPJvoAYhqAemvhvYBwDSCAcIgOGAEBAB&num=1&sig=AOD64_3XCbA5179LoZGRkzlJC2Xjy0_S9g&client=ca-pub-9906976558496952&adurl=;js=1;adfxid=1x;5299;set=en-US|en-US|1176X885|10.0452|300|600|24|8|3|7|1;fd=0|0&CREFURL=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: C=1

                                         
                                         37.157.4.41
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:27 GMT
Content-Length: 2655
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Set-Cookie: cid=1577738855954059699,0,0,0,0; expires=Tue, 14-Aug-2018 04:47:27 GMT; path=/ uid=1577738855954059699; domain=adform.net; expires=Tue, 14-Aug-2018 04:47:27 GMT; path=/
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   2655
Md5:    7052b71ae84748279b86029e323c5643
Sha1:   f3d242d52b55b0cf916e54ada05685971c1174a5
Sha256: aba9c131b2146a881fb50ac3bb412694e19551d4560ac2af473989590be84e47
                                        
                                            GET /activeview?avi=BYXA63kQjW9fyOoKeygXb4KHgBwD1m9v-3wIAABABOAHIAQmgBiHSCAcIgOGAEBAB&id=osdim&ti=1&r=pv&uc=0&tgt=nf&cl=0&v=r20180613 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827

                                         
                                         216.58.207.226
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Date: Fri, 15 Jun 2018 04:47:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 42
X-XSS-Protection: 1; mode=block
Alt-Svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /stoat/610/s1.adform.net/load/v/0.0.152/e/ggCDgAA/i/8IG-xAAAACAA/r:AdConstructor:contents/ImageTag:types/Standard HTTP/1.1 
Host: s1.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: uid=1577738855954059699

                                         
                                         37.157.2.249
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Last-Modified: Thu, 31 May 2018 10:35:31 GMT
Cache-Control: public, max-age=100000
Expires: Sat, 16 Jun 2018 08:34:07 GMT
X-Cache-Status: MISS
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   35401
Md5:    e80881e4613ee59cc8bea3f5a479f9bf
Sha1:   2a4033a5401aad36dab946765c2cbcbb5fde5bd8
Sha256: 202e904837397771892fcb121539c5c3e771b4b5da8a4ee5bf30a7714e08f8e6
                                        
                                            GET /Banners/25105891/25105891.jpg?bv=2 HTTP/1.1 
Host: s1.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: uid=1577738855954059699

                                         
                                         37.157.2.249
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:27 GMT
Content-Length: 57399
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Fri, 25 May 2018 15:54:47 GMT
Etag: "5b0831c7-e037"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Strict-Transport-Security: max-age=0
X-Cache-Status: HIT
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   57399
Md5:    51e6eefa2591d9ca8a5bd0a096d50c9c
Sha1:   d31d00722c1a4d33b31c866d7a234557f7971c85
Sha256: 4cb7de1154dc22e11817cbda0ebf5d55a7b46cb22aa6be2446b1bde7982e170b
                                        
                                            GET /csimpr/?bn=22912596&csi=mr9tJpXgw1Vj92nA_WC-bdA6uO93xOokBxcErs0PwwX1NWAf8M7mSukXxPdTkxyH0 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: C=1; cid=1577738855954059699,0,0,0,0; uid=1577738855954059699

                                         
                                         37.157.4.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Expires: -1
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /Serving/Event/?bn=22912596&event=178&time=1&banner=25105891&name=Viewable%20impressions&imprid=8309553483340787718&icid=1577738855954059699&rnd=676663284&rtbwp=WyNE3gAOuVcKso8CAAhwW62uVEVEVENr4uvXRQ&rtbdata=R9Mdx73pibSBugIUALdhquE-t2VBQO7Le0utZtYgQXzO-4VVE52e5XGSX0P4P2FHox1u06CRWq-dXntd1vE9Zts4AaEegQtIf4ofFRiWbO__VON51MsDddtwvddY8tsVQXCOy6P1cLv40Az4d7Bf7UWf7cr_JzAW55tPNyvDOyIwYlLz4sBWl883w10YpNbk8s62dGCGkesL6UunYj_lHmtD1otcopPOyZs51wxLOXi0h8FXWbaCKCRw7gtwWMlzkP_7IbtdohGQsPQlfWWDcg2 HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: C=1; cid=1577738855954059699,0,0,0,0; uid=1577738855954059699

                                         
                                         37.157.4.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Expires: -1
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /serving/unload/?version=15&unload=1577738855954059699@@22912596,8309553483340787718,100|1017|0|0|0|0|0|0|0||182|1|1|5b2344de000eb9570ab28f027c08705b_1|||1|0|0|| HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: C=1; cid=1577738855954059699,0,0,0,0; uid=1577738855954059699

                                         
                                         37.157.4.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Expires: -1
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
                                            GET /serving/unload/?version=15&unload=1577738855954059699@@22912596,8309553483340787718,100|4906|0|0|0|0|0|0|0||878|1|1|5b2344de000eb9570ab28f027c08705b_1|||1|0|0|| HTTP/1.1 
Host: track.adform.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9906976558496952&output=html&h=600&slotname=2684312555&adk=1269738611&adf=807048394&w=300&lmt=1529038044&loeid=201222032&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2Flokerantik.com%2Fcategory%2Fmanajemen&ea=0&flash=10.0.45&wgl=0&adsid=NT&dt=1529038045928&bpp=31&fdt=38&idt=266&shv=r20180613&cbv=r20180604&saldr=aa&abxe=1&correlator=7792352631357&frm=20&pv=2&ga_vid=1836815214.1529038047&ga_sid=1529038047&ga_hid=1013072188&ga_fc=0&icsg=0&dssz=0&mdo=0&mso=0&u_tz=120&u_his=1&u_java=1&u_h=885&u_w=1176&u_ah=855&u_aw=1176&u_cd=24&u_nplug=10&u_nmime=92&adx=720&ady=93&biw=1159&bih=754&scr_x=0&scr_y=0&eid=368226400%2C201222022%2C21061122&oid=3&rx=0&eae=4&fc=528&brdim=%2C%2C-4%2C-4%2C1176%2C0%2C1184%2C863%2C1176%2C754&vis=0&rsz=%7C%7C%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=827
Cookie: C=1; cid=1577738855954059699,0,0,0,0; uid=1577738855954059699

                                         
                                         37.157.4.41
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 15 Jun 2018 04:47:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Pragma: no-cache
Expires: -1
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015