| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css |  151.101.65.229 | 200 OK | 11 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css IP151.101.65.229:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hash79877fb82de8ca50845081e3c9a201c5 4f6ea69c0e03431ffa1a097a45453b5b3b246d8b af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 Apr 2024 17:00:45 GMT
age: 261009
x-served-by: cache-fra-etou8220090-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10883
X-Firefox-Spdy: h2
|
|
| | 172.67.175.76 | 200 OK | 7.4 kB |
URL User Request GET HTTP/2IP172.67.175.76:443
CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1979) Hasha181ade50db79dd29dadb6bd2bde766e 65739d45ad770710bf9bad5a2790e9bbc7d8f51e de9ffee95ca76c960fe4e473d63b680ef321f2e0edb1d0aefbdcec8275d40839
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET / HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DosQQZ1q7pNV7zJCTxaeEsQf9ScWLYDjDjA6nJnRZmf%2BBeEusCoDDc2QjbSk0wdkeTwXuNilbd7mgW7vLzdiPqKT6tmGD%2F44HpQA0aR7CsnAg5ujE1j%2BaAskykgvlebM4akkAE8P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df917acbe1d22-CPH
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css |  104.17.24.14 | 200 OK | 5.8 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css IP104.17.24.14:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashe9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 173449
expires: Mon, 07 Apr 2025 17:00:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5jeiWfUTUp8Dwurjem3BsWmFN1eB5xQI0gyBVtAjsEntDYJ2SdzrPpc%2FL1daVonQKTuFUO8uwIrihAiiEsDSQU8sxZkWjcOmw8n91tRF0kR2VNHkDigbG3UW%2B9PH%2FSs1Wmtjf%2F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875df91eb9d58f5f-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png | 151.101.65.229 | 200 OK | 29 kB |
URL GET HTTP/2cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png IP151.101.65.229:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /gh/gowebid/assets@main/go_login/facebook_white.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
accept-ranges: bytes
age: 22834
date: Wed, 17 Apr 2024 17:00:45 GMT
x-served-by: cache-fra-etou8220127-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 28789
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp | 151.101.65.229 | 200 OK | 1.6 kB |
URL GET HTTP/2cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp IP151.101.65.229:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeRIFF (little-endian) data, Web/P image Hash8e2c62ec296ece5f6a69e2cfd1133310 a6ae37e62d2f201d0e783df0890df55bc11d52e0 ac250ff6fe61157727de9e17fedeb5c162452fc1aa031c4c1fe2f8eb3290ed98
GET /gh/gowebid/assets@main/go_login/vk.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"63a-pq435i0vIB0OeD3wiQ31W8EdUuA"
accept-ranges: bytes
age: 15439
date: Wed, 17 Apr 2024 17:00:45 GMT
x-served-by: cache-fra-eddf8230049-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1594
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg | 151.101.65.229 | 200 OK | 959 B |
URL GET HTTP/2cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg IP151.101.65.229:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeSVG Scalable Vector Graphics image Hash848700651ce9c04987e04f292c598cba 976fc1619e149ed6161d834d5e3c3be7b7957669 f0562ef3624d99ef205211177586097eb7ebd8f5b31711d335a74d368c75ec27
GET /gh/gowebid/assets@main/go_login/google.svg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7ea-l2/BYZ4UntYWHYNNXjw757eVdmk"
content-encoding: br
accept-ranges: bytes
date: Wed, 17 Apr 2024 17:00:45 GMT
age: 24830
x-served-by: cache-fra-eddf8230119-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 959
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css IP104.17.24.14:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (59158) Hashc4af24ce595437830af0a401897698b2 06b7f92dd894a9edb0aeb9d040b489460ecff593 d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
GET /ajax/libs/font-awesome/5.15.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: text/css; charset=utf-8
content-length: 10472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e7d0"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3102931
expires: Mon, 07 Apr 2025 17:00:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8CiB7qb1UsI4qZXyonetWWf7bWu8Ftt7DzCNrHm0kxVQbIQ1POwf%2Fu35F4fOunImZ6Zf93QQSr6E3HZiB4XJsfjo5LE7RaF0Hp%2FpV%2BW6PDjx6NBdG2iI3K6RQC1kvUqO2YsYtwJH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875df91eda298f5f-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xjb3iya.ktt55.my.id/img/senjata/1.jpg | 172.67.175.76 | 200 OK | 78 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/1.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 999x1024, components 3 Hash5b9bd06824081f3370d369a3bae652e7 d6e93b6128cede7828fbc922c6c55ca8a257b303 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/1.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 78490
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXBA%2Byp8RLtQ3uK9cAXh%2FPlra4taka3dNSveqjHjWrMO0ZlsjqlvrJ6k4gXfEpGHCy1P9If8EJp6MIeLQO%2Btem%2F%2FpNQdVhMmTDchEC8S3UKNjYSkT8wWCdXwRRveTZI6Jw2ROl5V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fb092e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/3.jpg | 172.67.175.76 | 200 OK | 78 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/3.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3 Hash22481399131d102cfd8f0a54a7cc2477 6d3d8b0ee6b75e568dc105596cd65b788a2d62a9 a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/3.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 77540
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cefIka2lmJmdgj47M6Jd3pINIOvtL%2FcO%2B1iqoqY8gTpej%2BN1oTuYYfBcxhGnxnpWXbAe%2BzeyrrMMWDuIw0YvhazhWXA3skdGdls9NZnSrhquXeUF4%2F5Ta9qpzzEBavXNaCRbwJBw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fc692e2-CPH
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP104.17.24.14:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xjb3iya.ktt55.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 172714
expires: Mon, 07 Apr 2025 17:00:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EX%2Bb7StV9d2Y3DICnhdhh%2Bhc5N6BgjvUBtZgxz4hawVE4Ic2oRXmCaml%2BKWc5VlsJ1x6tWUZFx1utpOGLaSRZc5Q0furx4PeU89zDEGP8Gvab7CSYcSNnVdWUAje8lh15B1Rwj1m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875df91f0a6a8f5f-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css | 104.21.234.230 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css IP104.21.234.230:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 17:00:45 GMT
content-length: 14
x-github-request-id: 1CCE:28FDF2:38D74F1:3C214C9:661FFF7C
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713373053.970612,VS0,VE162
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 15252dc50a940810d32efe8e73017076a29fb5eb
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wGHXt6XfMRKTpwQgecFUkILrMZSAdwUO7v%2F6QKYeynulmny6r30Fk5OsrEYflxkH1TGc2e0IH%2BWOYx9hDkbRLVf5y4ri3sK7mYVAGx4pvoAbky45zL%2FWUkq5lI85xG8V3bOGxPE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df91eda51635b-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xjb3iya.ktt55.my.id/img/senjata/4.jpg | 172.67.175.76 | 200 OK | 73 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/4.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1029x1280, components 3 Hashd078a634bb85179223fad3b606aa4cef ea158abcf539ce182bad1da6595b89951dae57a6 2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/4.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 72574
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9jbOeGe1UYPmtwnHXnmhYslu%2BalUwathE1XDeWCbzU30KJBNjO1K7u66I7XeVpAL9TujMDa8o36vUnASrfBGvl0eZymgvcUPB7XlumXdZnzYMBbum4IuCvWKPuM33nmw3AY4nTgu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fca92e2-CPH
|
|
| rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css | 104.21.234.230 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css IP104.21.234.230:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 17:00:45 GMT
content-length: 14
x-github-request-id: 10E6:28A883:F06C81:FC1E23:661FFF72
via: 1.1 varnish
x-served-by: cache-hel1410024-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713373043.669840,VS0,VE159
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: fa6be45b5f4863a40f338705120702d6f04bdb05
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYzJyP%2BCwWT01R6sGD0weQ3U2dC%2FQoVDY%2FwkZhyhwOi1D41SeNq%2Bxn8IMshBGXCF0YCE%2BsKgFGr%2FBaTodF%2B5v9is9I2egOS5Et1K5kI2SqAggDKcPk4AISSw9YNBsWBZP9bhwP8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df91eda4e635b-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css | 104.21.234.230 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css IP104.21.234.230:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 17:00:45 GMT
content-length: 14
x-github-request-id: 5734:1B1FB1:9A057A:A230CC:661FFEE3
via: 1.1 varnish
x-served-by: cache-hel1410028-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713372900.585709,VS0,VE166
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 7c05364a6d51092b42c2e45386b542e4ccfe7f4b
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: STALE
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmoPbis1y2YPH00HWi1ujhPTlJep%2BV4UYuq2%2BCAS6xCbtXEbok%2FTCG7XhdsitxW1VC0rPduvZaMcPxjTcmgAsPZxdHDU%2Bw9dZ2Ph6salN9Xdowt3DAGxsDqlrJeyf3Y%2FeQzqlR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df91eda53635b-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xjb3iya.ktt55.my.id/img/senjata/5.jpg | 172.67.175.76 | 200 OK | 83 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/5.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3 Hash3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/5.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 83104
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSixThW2BqXfkWCmhyS8KvCZPn8FVO8oJxI%2F21o6dIzsNJZezIxh6tjp7rLjD9VVN80YKa2Y9jDnRTJO%2FEk6YmN1HnYZ60en6voReDNegA9eODjYpwX1ANAkq5uKxMwDE69zfOSh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fcd92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/6.jpg | 172.67.175.76 | 200 OK | 84 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/6.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7], baseline, precision 8, 560x740, components 3 Hash6eed7fb4cf035039f3bba04778cc5db3 a8e6952294e705c92a86db9394874062958f8f47 9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/6.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 83638
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5d5XAFs%2FT4yQcPpJx0FyhNRJMaci8dg4EZGMMyWvvUrSQLGcDsqqtp9TaiRHzKhkj4FzQUROXfxHlzRy1P6KKuXjwRzAO6hm%2BzfsbyEOi42NHBspj%2BMVpZnWgAM1xu12OFYLAfB4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fd092e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/8.jpg | 172.67.175.76 | 200 OK | 26 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/8.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 335x354, components 3 Hash042df6ae6e2a48458b94a41111fce6da 7785d4cd7f9ab767f3ab8495e94c1888e29f0542 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/8.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 25821
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uoa8KhmZL0jYBOap0yn1yZwdXiWpVbY0fWv3U5l0%2FHb7TdC%2BeL3lOGJOKzq5jpvY9tqS29qbpKp6b438Rj364PsbB5vwE9bjz1UM1w2Aj6y5WxO15paqGc4HRkdw2lX4WAwt%2FjT6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fd892e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/9.jpg | 172.67.175.76 | 200 OK | 119 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/9.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 962x961, components 3 Size119 kB (118900 bytes) Hash1daecd6000bc56f1faf1d9cdffb67dd7 a0b0f2fcbb75bbaa84ec7857101cf93d39f3cdeb 3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/9.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 118900
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GlRwPrjlHVJlHScen5k6OBaMVEx40JWozjmXeLJYTCtbZOi2WIO8MaSHwih5T7R6i%2BnPQEtSGqQuStCWL7DXuUqTVsWrECAuJy6%2BHuMPY9GOdW3pzAp9TsT2Es0BXmK6wGLri76f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e5feb92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/10.jpg | 172.67.175.76 | 200 OK | 83 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/10.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3 Hash3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/10.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 83104
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJUcNhSAZUSelmCJ3u7p%2Fb%2Bh5g3IzqnEB%2BkFU9lHZMQC8hXO%2F9IxthyU2ZtXEC%2Fg9epi6mTaXFE2a8WRu2Awqnl9wPFSgHRwWtVY861i1KBlv0mKLAmpG54V4BOCBH8wjhZ0One6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e5ff092e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/11.jpg | 172.67.175.76 | 200 OK | 47 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/11.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x740, components 3 Hashdae76322741301f8aa1384636c9a0b15 d1a9b81837d1660dd92b0fe3cc3439c4ece67cd0 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/11.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 47405
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2FKAz900OMqzDPzJ7%2BGQptwzX6xOD8GTU09EijZ%2FXE8bR28gFchEp5Wb6TdMn3sH%2BRAuwdg3trl2ToGgs7oKkxNrMMKmEGiOo4yI%2BBgPum8NggHuRg3qhmlx6xMWDXMJHjnQwmi7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e680692e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/senjata/12.jpg | 172.67.175.76 | 200 OK | 47 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/12.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 233x290, components 3 Hashda8902b3f1e8f5dbce0873022fe55ae5 b1956d7420881884baecf03d9739f8c82f857d1a 480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/12.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 47259
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwk9xAEMJE2M%2BEm07H%2BqDqhQe23gtZBWjm4GrRFPoLrAy5jL%2BVbjoEDo9fMMWcSUmTtZbciGkMpwRx8Z6557AiS5BfkJNY%2BTRQD74mw%2FJkG%2B8tXc854QmS8W%2FKDJAoMBKBQsOIKW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e680892e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/1.jpg | 172.67.175.76 | 200 OK | 59 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/1.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashd0c711d1ab95b03a1a1f733a60ba8984 eceaead218d602337bdd89ba90fdc31bd70f0156 8e50767bd0edcca88b3b611cd905e3d05b34b04447076fcf6a3567cf55f3bb20
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/1.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 58745
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4O3nqv6TjEzAxTEbdw4hkQoIe92DuYb4sSumcr5uaV55ElNHVwqLbLPsKCGmWHYoIg0%2FN3JMfdFmzuje9kHl01ifZV9O2fjC7tyXlZxmLp5EZVNF4AzlIdfesCKoGb2Z8JFAqT6h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e680a92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/2.jpg | 172.67.175.76 | 200 OK | 43 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/2.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashd90e22f880ff0e9cc33ce41a6bb541b2 a4f08fe678a177545600ba36b25c83a8daf5fd16 10bc32127a5ceb3f33fc38029145931334f6f49bd7274b62697036fd59be2f65
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/2.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 42687
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcXZekl7whQKTp2xjbk4dXsr7syC1j7DZofnJubMW1m2HBlX0HywHigfFkJmR1TFyK3bVcDXhSzbitlpNHiZKpfJDCUmimgDlId9QBDf9eKA05nVpIrH5xvXgfu4O9O%2B2HNhhhM%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e681192e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/3.jpg | 172.67.175.76 | 200 OK | 58 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/3.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hash316dfba4d81ad853bef7088dbe9737ca 38c7bdbdb9b227c060d6f5474ba807a0cdaff4a7 258a47a929eb483613c81aae8432b705d949ac9facf5a5c02d7d8d4a3db823af
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/3.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 58510
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMQ4DUJGQf1NmFNGMFd2X5yAeMDTDcQTk2tnvjVY1vs8r9pO76Y2kwRz0cJsKoYAvNS8MtkLA%2B2Qjotmg%2F6o%2F%2Bz6IaSwQoiujJMmvb%2B%2BmHtwr0%2FP0PajUY%2BqjtT1Z9zl0%2FTmh40m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e681392e2-CPH
|
|
| filebagasarya.com/img/border/kotakepep.png |  188.114.96.1 | 200 OK | 363 kB |
URL GET HTTP/2filebagasarya.com/img/border/kotakepep.png IP188.114.96.1:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectfilebagasarya.com FingerprintF8:10:79:DD:D9:42:FF:FD:E3:35:9B:09:62:4F:9B:40:07:DD:BA:85 ValidityMon, 26 Feb 2024 19:06:41 GMT - Sun, 26 May 2024 19:06:40 GMT
File typePNG image data, 961 x 629, 8-bit/color RGBA, non-interlaced Size363 kB (363097 bytes) Hash6a0d6db85cb8f20004a16ca4a3460a97 6c5aeba02f9302fab56fd73dcf4cdf75651f5a21 8ed2ebbb47a51b8fffb523a1d6654a8cabc41fa2ed10398d0ce64f76fcc63eb0
GET /img/border/kotakepep.png HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 363097
cache-control: public, max-age=604800
expires: Sun, 21 Apr 2024 19:43:56 GMT
last-modified: Sat, 04 Mar 2023 12:09:25 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 249409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuYK2YOxtengcqQ%2F8AZ8NDhstFXMuKHiGpbDTDzzflDCeN3xEm6M%2FYOcMYJ8dRdkn6ScXkrcxlWlc7LlzUXRd6SJn9uMu1yVIzsT0FmuwjCakSbUvAst6KPfipjZfhvWraGgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91f0a35be4e-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xjb3iya.ktt55.my.id/img/old/4.jpg | 172.67.175.76 | 200 OK | 78 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/4.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hash47bacaf7d9e42c0551f43472624e0b33 f069dea9f1f7c86358e1a5529ccac2f7e3b7369d 1a91aa8dc8c721db22e66f1f0911319aed59816a8c7e709970fbe9ca6b0c9773
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/4.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 77706
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LTpSlofrIgB9652B3JTXwS700cAqf8dUGV2NcTvTne%2BbIsN2r6gtiDxaNk8N64mWzFB7oKsr8IK2ygjf%2BW2qodPUZfeG2aqeJeX11Z2kQqAoRhZZKLNyyDiVtn9pYll%2FtzuSiTtm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e681492e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/5.jpg | 172.67.175.76 | 200 OK | 87 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/5.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashbd612732360a5da1efb70d2f26b795bc 02d5ede707c6313e2335e7ff7a9164b5ee7ec877 9e5329360a8a2ef8a4ab0ce77f3230be443c093a3a3f02a007641e3f6fca5f5a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/5.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 87053
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZKG6fAt5JYSPcHpUDpZbi2VvIye0RH5dMRL8VPV2zMX89K0MhnrJpcxAabSyPXF65o29tBsnwGkBkQuSFfE%2FbqbSHVPJY3OqBwkandNYBD%2BHQp4sg%2FdXHGIEp0nyY5fkpudvViN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e781b92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/6.jpg | 172.67.175.76 | 200 OK | 79 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/6.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashe53f2f3d3d1abe0ab8119b8a87dc27c4 d702efd2b2011beaa297d87b9a93ad7b48fc20eb 51646465be1a3b745191c5cb6dceda47fb9be8a1c859beb345660fca8291e824
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/6.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 78581
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HSQLT%2Fh0jiGAVfl1wZ0KnQZ2GWG6U9TU8OZO7kzWRQtm87uD95mT4qR5L7w5RGN4tbKMbutFIp4YpCBYaSVOdFV6bssJsFtv6B%2BWqKGziNFoD0OgDgx7FO%2BPJG%2BgpUHzkjhXFvO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e883392e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/7.jpg | 172.67.175.76 | 200 OK | 75 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/7.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hash473caf5f238322583e04e7aeee46c2a7 e56ebd24f2179527c21ab1262180ca834b6c5d24 622b5322352025505e01c71ff1d6520e62ce1f1211fc11efb3ede9d24a110c75
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/7.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 75427
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RQwZEVflX4IkVZ%2BZQmTVE20q8wJ7u82WWRlcJQQF%2FtWrVrDONbAh0N7bDLUfRvDbyJuB0GUObkEsG%2FgqLpp6q8zac1xKmFbGZ%2FAhwl1yr%2F7R%2FK8LVB%2BGmTWKy770ORqlQP61%2BRp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e883892e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/8.jpg | 172.67.175.76 | 200 OK | 85 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/8.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3 Hash5b988ca12f0928c882f7ff50a32ffe01 a44b37e7bb7ecbbe76d47b084cd94effd6e9f552 0eb6a14eeb1c27e7c3c471db0f10c25eea89a65df20b2dbeea6c9ee3ccc0c78f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/8.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 85199
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fw1XiGqK%2BpFeTHSdtqQNyvWLC69ZVekCPgkYS8wRlhRaUDrjJRqkFt6yMnkazdzRvGML693KKSJu8OoMfdDsHsPG03X4Rs08Nqx4yGoMiQnsqRATAIR%2Bl1YVh7Pn6rm6xfA3Xn%2Bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e885492e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/9.jpg | 172.67.175.76 | 200 OK | 92 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/9.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3 Hashd3fa373bbd9a288f7162ffc76c179ebd 1add685f2def7f1c8d359fafe5f2ed3761e0188f 63fbe80d8ea4766ecc80faddd1387ef9681cb2ec2b4ad45164f4b36ffb4e2e43
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/9.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 91553
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:29 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lhvrUB6aOZwgdQPucvA3JTM%2FcuF6mDrTpXhSeuOs9dpcQsr5hWRaKiBpTBAGrRoGIGTDWmtMXNn%2ByKO6yfWu0ByOYAvVTljnJ2y5hWPUAFkP07O%2FO7w07u%2BLFstz4gwwuRdkw8vU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e985b92e2-CPH
alt-svc: h3=":443"; ma=86400
|
|
| xjb3iya.ktt55.my.id/img/old/10.jpg | 172.67.175.76 | 200 OK | 39 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/10.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 684x916, components 3 Hashbf58fb6f6463a1720fb1d0e0f58a3896 e0b9c0a61b1c60fe8748c7d007b981a3b7056489 de9e872524b79699ce8b0624de9bba409dd246d16dd48f171e4ed1072c00cfeb
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/10.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 39371
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2AQVI25BZs5k9ryzC%2FrgwOUeXmpS0W2BYqnzxDgPDTZ38Li53SS3N1YB08qgI4Gx3lTNYjXpWmWY0idgzFJzkNJi%2FPuuw07uTM9qWfXn2xQYnKO0cUtuvl6VNIgxxQX%2BRCaKAq2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ea88a92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/11.jpg | 172.67.175.76 | 200 OK | 46 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/11.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 940x1052, components 3 Hash0a4bc07510a030baffb2ec9ef5870aea 453b316a4e3fa4d955e1395280d506761156a06c 908c3acad2bff2c347166113be45b73a35869eed538a900acca3fedd81ff5183
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/11.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 46471
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FVNv6aScsVLSeJlzaQLQ2NMn4lz%2FYz3KSsSXAveEmHWImB89QfRPagkRswKe9Bn%2BNHoyA1q19vB9fq6ReHaZSzoy5PmYofV0f3d%2F%2F4tS9JSSbcrqEHdsjH3F6QIJIGY7Kl2VHPJE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ea88d92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/old/12.jpg | 172.67.175.76 | 200 OK | 17 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/old/12.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 540x688, components 3 Hashf8351c5498cd1e97e3db1dc2e21f6cef 1b831a0dc34a8bf15ba6a10ee8b02bc010f59016 b9b545590950ff252a5b53bfc9b3d64ed373aee3ae94dec68033d0c857e8b3d8
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/12.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 17081
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vV%2F61OGEg9%2FXlHDkCx4cvbMugYUaTV6qpCw7Rha1vPfsPDye8jyVvxUGr5jyHkMyb%2BXYlO6a1I%2BHK0xWhppIHNNraqEt%2BpNYb6XpZsFJHv4nEAqkD1INKlC5EICjB0Jgo598Lt3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ea88f92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/1.png | 172.67.175.76 | 200 OK | 2.8 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/1.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hashbd1e125844fffc6d3485bcf93c224f9d 2782371542228b448959c8610cf3790b662185cc b8f4fec91600d5be6d465792f7f7fab635d01019e148fe8b6f7bf59f717041de
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/1.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 2814
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opdckLZOE4tu9diQqMXe17G8Diqdk2nJrgO0ztYjZTJ1THOv56IzxBJjNhHyfRnlK0CgMyXCnvqF31KrgV5mk%2BfA2X%2BDkgD7aOYxAlZvNX%2B52bp04CH4fFAVBgDC9%2BdcMInpikk%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8aa92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/2.png | 172.67.175.76 | 200 OK | 2.9 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/2.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hash63344bf9eaf1a509a9f8a749a06a36e1 0ff516d19ef2ff1b9a44ab20e3eb9579a8894654 788c47722a4dc77173ab620f196bfc24a2d8668bcf08f9fd296574545cf700f1
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/2.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 2878
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5prJpyf4jw4B7sbEAZ%2BH6s7PRs%2BW85nlxBmv7X5pHfhkxkjyXBxDnn4t6CuYLuCgTF58GVrV2%2FRAJNSfaASTteW4m2j76eSNvIzN742aPB4VmI3o1foGYfz9sDHEOlD%2BNuowPGs4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8b292e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/3.png | 172.67.175.76 | 200 OK | 2.9 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/3.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hashdf5bfc626761a05e26222598f27cdf15 ed37075f86574bdeb39a5608384d722f8347df03 762fe8a43c859633d41642dd93c10478d3dacf62ff1310ddcefa17db5fa61f29
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/3.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 2875
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FDFb43eE9VQgnPmdgcIkNpK7CRxoblOI5E%2BQPMFhJ8cAyJEqgWE8Y9%2FtH2cyT0EUbkoWDeLou3hJoV9yaMGfVOfMyodiir4JFwYGgYYh24BXVYxv%2BGL22A5odylq%2F44HV7779oW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8bf92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/4.png | 172.67.175.76 | 200 OK | 2.8 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/4.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hash9322979ec6bc2f29f5f0215487d1be4b 17302260777757a2a811b76ad1d0e96a86781df7 6cc42f3ad3aa5606237a601793c1fb42458386d888adab6cf9077d23887eefed
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/4.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 2761
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=syZjMHLjuBMJmaZTGid4Eh57bg7NxIPQFHE%2FDmxz7oU1%2BBBaKojBIXziLxAoBYQlSFJn9sCywUBfCl9tN%2BT2PxnTwXvgDjYcGxtTg01OCF7Ea51l50TQoguyA57qwHrM7NkiS73t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8c392e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/5.png | 172.67.175.76 | 200 OK | 2.8 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/5.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hashf7fe1bdb99bdc8d0685e5f4bb5bf4e4c 965db0214225f37399495346a972e83c83f3fcdd e436ac38500431763697f5bd387d494324f320b76b25c97e29938d90bd7b1557
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/5.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 2779
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:31 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jK0SCh8MOvzD5JZFiOk5zjAG4ddowWmDHS2vaHG%2F4lY%2BtmEkzkvU0TptmqY5VAb1LgNZEU5168XggEYO7v%2FmnTf667WiVO76u3uVkfyGvoVWOFSR%2BZM3%2FDmiyzxFYprvaDFwsTFg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8c892e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/6.png | 172.67.175.76 | 200 OK | 2.8 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/6.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hash2230594c80150378fe318c774eb216a4 918a13f5861c368c3b19c75cf8ca362b0b29a48c 43de460f27a0d3e43b13b5e75ac00da6ea6b54fb468afc4cffbd53709ee556b4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/6.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 2781
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bgs2bOFLbN9EsGJenpO%2BGBoe31moPtiaRNFNpCBt4c2taJNJadGmmzFi5w5rqvDKaxHfKQCH4dQFvl%2Fya4nMFJJw8yUFgJUy0r%2FcF%2B9fU3Z5MwsTYtm9wRpbcOB3dcmNvdcG0LEo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8c992e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/7.png | 172.67.175.76 | 200 OK | 12 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/7.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x290, components 3 Hash31c0214a044bb8cc98cab002fdf9bb94 c2b483949f3267aa679d364ce059d1babc3e8f93 585cf192d586d254d46a7a066980137a06e5a23592e66dfc4b54bd6c4b63e088
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/7.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 11823
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2ZMJsS2YBFg6thUkArsUg%2BCjoforUR7KL%2FqpMYaEChDocgzQv3dPVT4XqxZ2MfSpn1Ku2MeLryuzuCkrwl2sIVT5lu7VbRlfhKrjtzkzTCk%2FhTnjYV2bHMMwTRETbHwRERRfDgZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8ca92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/diamond/8.png | 172.67.175.76 | 200 OK | 13 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/diamond/8.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x290, components 3 Hash18d7331b2312b85b1bfba110763c7574 9186a2527194478a524ffe4b7ceb5e61410bdd42 6afcc18ffa172755862f5c6dc3f20d9c3d6ee6f5f399df00e8568bf747e1cdb9
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/8.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/png
content-length: 13341
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ielOkClIRU38QAYIk3UYxkMSSUbgFOSd436ItqVGQz5RNtvWoTN%2FLh%2F99W3W5p9tA2I%2BHzGlku7oZwJBkavhj53IZQMpcJVlLaM1VC%2FHgYw7XWPT8KJGz4auvPX2irbtVAHhyaZE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8cb92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/1.jpg | 172.67.175.76 | 200 OK | 64 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/1.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 559x559, components 3 Hash7c17b4a223a7baf1931ddf915972a1d7 49fa779105da34bc66ef240ed71719d837f1813e 7eb51057deb30db7c6c2900040a45178726b5a63c262f50ff58fdcf876cfa463
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/1.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 63579
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwG9rpHdOMfNftI6nhHf0cmOVR3fVuR3v4NCITpq5YBeI1xTNJ2svJidpQkjrGQguY6qGQ0VR9Jr0bSF4cLuYxqIaeNV2gNVaf9RWg6LzR62pjBgywjo%2BurwGGugdYqrKwkg37LV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8ce92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/2.jpg | 172.67.175.76 | 200 OK | 60 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/2.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 565x565, components 3 Hashcaa25bdeee31b9bf65b0558ee9ba03d8 7fda495e1ba5939dacaa87e1231a72e40111e600 35d68e25f22f6688e3a8f7cb2f354cd45b09c8523ba6d4ff53c7ca64d3c9e1bd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/2.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 59531
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAX64yDguiqzkHrfy5ftW9uv08vbb3dML4PRlSTpwcUcr6bGIdvz4YAbpKCm%2BP66lAGYFomGGrHRA%2B2WveZmdjM6HhbmiIjgD3Sgn5mnQ0jjBt3%2FSTcGSeJp5FTCNaEfofSvd9I9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8d092e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/3.jpg | 172.67.175.76 | 200 OK | 59 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/3.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 562x562, components 3 Hash979aa3e91bf0371884c91706db7a98c1 658497a52d5551d138d3401210ddf2ecacfb20fd f451a298d4843315ecb7bf2500d946295ecd6776aaf12cb69574bde1aa1f395c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/3.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 58631
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NuimXuaQoxLNn%2B9%2BZY4lBmCyfA1RR%2FLS%2Fe6%2FZ3vTjKVgdJaTz0SzGS6qbwVO3IBSToBMKosG1LJeFgxnIpBAJwjSKvq1lKirj2lthfpkyilwTuEPbL5dsSVxieq8ylVgaTThoarc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91eb8d192e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/4.jpg | 172.67.175.76 | 200 OK | 64 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/4.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 575x575, components 3 Hashb5204e496f3122192acd17b2b186b45f 7150bc610c3e4104dd5b101654c9f37406aa04a4 f95ed204614a3599b0bb6ffdcceecb74cd5dc7a60e26ca4e235f1a2a82c5c518
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/4.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 63944
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmacRYUjdCT2yZjnNhr5wITWyLMFWfsX8fm3RqMwTOFiqJC4jboiI6sB8pMMyYpdchFdMrkgW%2FtoXpKm8a7TkzNsNFfxPUPD9%2FctwmqoCZidyU5CDMG1aE%2BV6mSxmPnrsbyv65be"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ec8df92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/5.jpg | 172.67.175.76 | 200 OK | 56 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/5.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 568x568, components 3 Hash5e7b7e726f0f5182f4268a38b3a5ceab 6495856bce9af91b8e9d728e0e3625189e7e452b a04ed1b5cf22b5ae79a1bbca52ee14f9ca03a83a36c6ce16e7ecb870e95aab55
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/5.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 55457
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGgmHWxJ4KZA3ugFRarDZVDMEShxgh7XL3omboGpBf0Cmu%2FtdHTfFcEGMbIlXt4Mr1bsX%2Boj64eNzRKWnrwmStA5cTClbI1iboZITKJYHjaua7xGYxiASz8Ic0YABCGKzKZCmv36"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ec8ef92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/6.jpg | 172.67.175.76 | 200 OK | 58 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/6.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 568x568, components 3 Hash933113087a731f60a1b1612d67f969cd db40cd025a4738ef85cf2c514f00e69b5d817df3 54fad0de66506819441abb12f48b499596b374f441fe0aaa7a6e9d7ec0668a5e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/6.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 57623
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Xy3w%2FwwlZLAjpsF2liVxTtW%2Fhwpi%2BbRAHqFq4Ng26w4W9MUzYjyyYSeUxbCby1zsZ8x09dhuaYBxozIp0sIX01eS0CqQjdZEqtv3FMvV3feOjO8AwO83HK3cidKfXC%2FWLiKRlHt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ec8f592e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/7.jpg | 172.67.175.76 | 200 OK | 18 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/7.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 203x273, components 3 Hash2e1e3735e5def5bccf44e87f9ae76a95 f3b503d9632acd9e0cb700f7f5d3712da6fc8eb6 f3c3093e4cc9c4988c843918b523d35b42ea7d5ebca79ea89c04c0e661def0cd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/7.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 17868
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNMYp8gM4t5CkH3v3%2Bsw3b%2BLHK1Q2h8x%2FJvkq9cwC2kG7ruMqzxxYJOaThrFLDw7U28eEy5OoWMc%2FAdFh0rgKb3WhHhx34iVAw6swmXZGl9stkOm4fHjownxFZBS%2BTqKe8JWI4Ur"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ec8fa92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/8.jpg | 172.67.175.76 | 200 OK | 17 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/8.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 201x272, components 3 Hashbb4c22bbf88632acaf74735969c09661 06ec1ada0909e6a314640ea32195f77a6ea832b9 46a89f72eddd4c6b4447622c23bdde5e861bb7afd8a4d1edef030841d373093a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/8.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 16726
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDZSSBNGHSsbybT%2FESZR50QV0gEAGBHDBnn2SIK6d7UfjTrbXzDEoBUbRHDO7ACyfKomePlkyqEWAYVoMQf%2F%2B73cgdrfLt%2BpUdXJeHxl9sdW0kXidGuHZEsWHzRmI0TBwIHZUOBv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ed90b92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/9.jpg | 172.67.175.76 | 200 OK | 18 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/9.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 202x273, components 3 Hash324fa71ceab25917b1b39275f0510c34 b15a87ed1e0d8915f9bbddcc634e5c19cb9c09c7 37e9b832341a9e17a95ef5f3d8d1175cc4d72cb67847b8a2eea9025ffe0570c9
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/9.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 17945
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QErBRWj0GBhj%2FEXqPtQwtLIusGeGnoM1L62U19rBiQl4GdPldKPMOYqWkL9lZkBhaZ4VTsZJ2Hcf0l53HJQcRvx8NSGrR%2FJlWWCwi%2B%2FtovlGB1jXji09aA1C5zYR07z1ff6toTBL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ed90f92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/10.jpg | 172.67.175.76 | 200 OK | 15 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/10.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x270, components 3 Hash6662119a701a284803239bd63e60a9f1 331dcad42c43585899aef4049ee759c48b47a464 7dad6721e95be42ff263df89e177b04725f23b7b37a2e7ab7f97e35e5fd02b16
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/10.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 15353
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVg%2BUqjUp%2BE14GYcTiJed5NUPy6gDsmSi1qC2k0x%2FoQveqTerhzBPJVc7liLGUKj5hF9mOQfiP1xyt5wMJ5YRNqWzxP7hTYpm%2Fvv%2Bnrzg95ft1U57dDIlzwdvXDBB57h%2BCWODyTA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ee92b92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/11.jpg | 172.67.175.76 | 200 OK | 17 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/11.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 201x269, components 3 Hashff130cc7c9b4f2b0b8da9df733b6e46c 7552f1af69a3fe64f388d89efc0c2afccbeba941 a738fedb10c230981aea2faeb99e56ba0f4b80d576559bbe99bc569abc28967f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/11.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 16631
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KA3V27oEHDipQp%2Fwkdxo9Jy%2FZEpgMZ1dkqP1LNeJSzRv5%2F2ksZYwLbVgIoWpBf0mtEFYnm%2FsWr%2FSEcR6zdJ2Jrpxs4S5%2B5VfHUDqMYB6p8tCVtTKDmVi1GsOTEbXgcDTipkK%2FIEw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ef93f92e2-CPH
|
|
| xjb3iya.ktt55.my.id/img/incubator/12.jpg | 172.67.175.76 | 200 OK | 17 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/incubator/12.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 203x273, components 3 Hash89bf879f77e2c739090f65670e1d543e 10a037660ba66df86c1e1dfdc309425a5b81a691 da57aa220b2f676a0dfe336fa5410675c9801312cbd50ccb59f81028e6cb4213
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/12.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: image/jpeg
content-length: 16838
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 12:10:30 GMT
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 17415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NpulOyXg1wA3W0h7TdRK%2FtP5IX3dtwT77IRswbRtBjNb4bzApxosSsVpw1LcZqd7Ei4rK3lKxOl8al8S7Gtm1%2FKhXrlUiEWRVEXxs21vGtV9sf8o3sRfxHz%2B1e61DH9ocB22p0V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ef94492e2-CPH
|
|
| file.gifan.id/fontawesome.js | 104.21.234.34 | 200 OK | 11 kB |
URL GET HTTP/2file.gifan.id/fontawesome.js IP104.21.234.34:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgifan.id Fingerprint65:21:CF:78:C6:F3:9C:82:42:72:2D:29:CC:E1:28:F9:68:C7:DA:50 ValidityTue, 26 Mar 2024 02:33:24 GMT - Mon, 24 Jun 2024 02:33:23 GMT
File typeJavaScript source, ASCII text, with very long lines (10594), with CRLF line terminators Hash7653d4719abf98a98d6e9412e33976e6 0b4414adc9da488b97830ce789a79994ba55aa23 051afcaea280590a5c6a5c472ad0852783d794a8923c4d26e388656fc9dcd791
GET /fontawesome.js HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 19 Apr 2024 22:28:02 GMT
last-modified: Tue, 03 Jan 2023 12:39:32 GMT
vary: Accept-Encoding,User-Agent
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 412363
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzfLNTchaTjmQTp7xWsjIinMEDn3GMXmZz7GGPhYw4cDJwja%2BjrOOyELetco8V3%2BAsieaEeA2etgztnCry2EZId9tkXuFd7%2BSP4w0lVwMQZCLFDIBsyliwdUYRTWlqi2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df9203c8093e6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg | 151.101.65.229 | 404 Not Found | 53 B |
URL GET HTTP/3cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg IP151.101.65.229:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with no line terminators Hashcb71d2b197dd6af21b39e0261fb1497c 9ab080da6e72161e565846ba4fe9a3279f8f9acf a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
content-length: 53
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
accept-ranges: bytes
age: 292
date: Wed, 17 Apr 2024 17:00:46 GMT
x-served-by: cache-fra-eddf8230046-FRA, cache-hel1410023-HEL
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png | 152.195.133.221 | 200 OK | 8.3 kB |
URL GET HTTP/2dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png IP152.195.133.221:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerDigiCert Inc Subjectgarenanow.com Fingerprint65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58 ValidityFri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File typePNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced Hashc632e6bfd0076695e56477bdb3f7232c 5b4212f029814b5dfda946ac5e5a6ba97857feb9 86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
GET /common/web_event/official2/dist/client/img/full_logo.969f536.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 3048
cache-control: public, max-age=3600
content-md5: xjLmv9AHZpXlZHe9s/cjLA==
content-type: image/png
date: Wed, 17 Apr 2024 17:00:46 GMT
ec-version: v6.05
etag: "c632e6bfd0076695e56477bdb3f7232c"
expires: Wed, 17 Apr 2024 18:00:46 GMT
last-modified: Wed, 10 Apr 2024 03:54:58 GMT
server: ECAcc (ska/F692)
via: 1.1 41ee0215556e0543d529d912519eb46a.cloudfront.net (CloudFront)
x-amz-cf-id: ci9vaawv5n8EsgdIGWpNJn9YJTH9xwmXkss-YxWoZRl2WvWOA9P8eQ==
x-amz-cf-pop: ARN53-P1
x-cache: HIT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSaZzlBIXwKnuJycH41E0QepQoa5K6je
x-obs-replication-status: REPLICA
x-obs-request-id: 0000018EECD271C79410FE7BB7B4A26E
content-length: 8314
X-Firefox-Spdy: h2
|
|
| dl.dir.freefiremobile.com/common/web_event/mocoparty/images/spin.png | 152.195.133.221 | 200 OK | 9.0 kB |
URL GET HTTP/2dl.dir.freefiremobile.com/common/web_event/mocoparty/images/spin.png IP152.195.133.221:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerDigiCert Inc Subjectgarenanow.com Fingerprint65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58 ValidityFri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File typePNG image data, 293 x 134, 8-bit colormap, non-interlaced Hash616cd6e82d8ddc0fcd3b7c938ed61423 356cee950b73aef62a80358d4e05747dd17a25e1 deb6b511ce080ea06a49b0e20dea72737d6ee35fc69e0a295e768cd6bf4f51c1
GET /common/web_event/mocoparty/images/spin.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 105
cache-control: public, max-age=3600
content-type: image/png
date: Wed, 17 Apr 2024 17:00:46 GMT
ec-version: v6.05
etag: "616cd6e82d8ddc0fcd3b7c938ed61423"
expires: Wed, 17 Apr 2024 18:00:46 GMT
last-modified: Thu, 04 Aug 2022 12:36:18 GMT
server: ECAcc (ska/F6B0)
via: 1.1 2d4ccfc38ee1229022124d55e34be376.cloudfront.net (CloudFront)
x-amz-cf-id: ykt3D1EC5vbS7w7djfkJkDIh196qoaIRR0exw8x2ln7rjOIcXGz_oA==
x-amz-cf-pop: ARN53-P2
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSCJvQ6O1G0xif1u4w/G+xpJsHzyo9kx
x-obs-request-id: 0000018EECFF591598156669A94B82D9
content-length: 8965
X-Firefox-Spdy: h2
|
|
| dl.dir.freefiremobile.com/common/web_event/mocoparty/images/dialog_bg.png | 152.195.133.221 | 200 OK | 2.9 kB |
URL GET HTTP/2dl.dir.freefiremobile.com/common/web_event/mocoparty/images/dialog_bg.png IP152.195.133.221:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerDigiCert Inc Subjectgarenanow.com Fingerprint65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58 ValidityFri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File typePNG image data, 872 x 494, 8-bit colormap, non-interlaced Hashf8e6f93d0d924d6b75137b78fff9246c 83d1d834f41f15a6b73b89149c84b2f63079769a 8ad5485c2cc22251c70ac0dcdee116e87b518848b718f096d4ac63dfaea4ec6e
GET /common/web_event/mocoparty/images/dialog_bg.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=3600
content-type: image/png
date: Wed, 17 Apr 2024 17:00:46 GMT
ec-version: v6.05
etag: "f8e6f93d0d924d6b75137b78fff9246c"
expires: Wed, 17 Apr 2024 18:00:46 GMT
last-modified: Thu, 04 Aug 2022 12:36:18 GMT
server: ECAcc (ska/F697)
via: 1.1 75d52516d2e9126ccb2b4cf8db62c446.cloudfront.net (CloudFront)
x-amz-cf-id: A1rZ2KIl4qwbcPh7ywyD7F8VSVTubYs51Kv8u1tKJxViEwqDGRLSnA==
x-amz-cf-pop: ARN53-P2
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMoB9Je9P247lo8q4Q5FuLvBa50beIj
x-obs-request-id: 0000018EED00F30690141CEB09B59610
content-length: 2929
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 142.250.147.94 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 IP142.250.147.94:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15044, version 1.0 Hash4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xjb3iya.ktt55.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 12 Apr 2024 05:44:14 GMT
expires: Sat, 12 Apr 2025 05:44:14 GMT
cache-control: public, max-age=31536000
age: 472592
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/0af6e327/www-player.css | 142.250.74.142 | 200 OK | 48 kB |
URL GET HTTP/2www.youtube.com/s/player/0af6e327/www-player.css IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hasheff7afac8f7ac0ed881f37ffd3eebcbe 21acf841f4603dbfaed62decef15175b5d68f20f ff1235e0e6c896931d1f31f618b35e68a469befd8c90d7a0da22f1d988b0bbc2
GET /s/player/0af6e327/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:35:31 GMT
expires: Thu, 17 Apr 2025 07:35:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 33915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/0af6e327/www-embed-player.vflset/www-embed-player.js | 142.250.74.142 | 200 OK | 98 kB |
URL GET HTTP/2www.youtube.com/s/player/0af6e327/www-embed-player.vflset/www-embed-player.js IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (682) Hashd5b8d160ab640bfc1dd99acd65f1d38d 1be3896846933d5011c56d56b4a0609b9f1a1caf a4a828c62029e531dfd2399d717731f7a22ce1c3e2c0bb796eee2c4bae9046b7
GET /s/player/0af6e327/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:35:31 GMT
expires: Thu, 17 Apr 2025 07:35:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 33915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xjb3iya.ktt55.my.id/img/senjata/2.jpg | 172.67.175.76 | 200 OK | 49 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/2.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 544x540, components 3 Hashb5a6d62277ce3509c4486c03278f5baa e0876453362058b662d85bc96b79d3e272f4b6e0 0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/2.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: image/jpeg
content-length: 48611
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 17:00:45 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZTjrNZOWayekDGa%2FJqC47B8y0fSeLBG%2FfsUKZu3sV0BU87tp3RTAu%2BJmt0Zf57p6vB6kg%2F7dNNhTwFAw2JXjGQrc33YDGGrc6Exmf7Zh72ytJ0KrNRkTW7DGTZ0yBbjd4cTG%2FnF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fc192e2-CPH
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 810 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (1574) Size810 kB (810232 bytes) Hash369cbeaee8e26da69cc5b0a0700cd62c 6410e6e42ef9c1964e102d34f9284bee7f055151 85b4b6b94b60580f6b44fd4f8152947eefdaf52fd5866219d86d5cfea0ee010d
GET /releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xjb3iya.ktt55.my.id/
Origin: https://xjb3iya.ktt55.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b5ef788d0f05b31973ca8ae989fe9748.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: TGBi0JfHZdmFa68t6RvKZBhZM9r7ihS7eyQFiuT4mgEtcQrUaIto3Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2BKhyKDGfNEyny%2F3aGNnxqHDf2OEIEXS5oTdJecyRJOaPmPz6oyIFDlh7VevYuy3zWw0VnBPDhn4XdFSfgWUXwqQDtjPa%2FjIcAsXmhKmEWkwdNhKBlC226%2BkYQpxesvzdst78FLl%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df924ffa8930b-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.147.94 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.147.94:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 12 Apr 2024 10:51:38 GMT
expires: Sat, 12 Apr 2025 10:51:38 GMT
cache-control: public, max-age=31536000
age: 454148
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/nVkV8M0W/FfMaxx.jpg |  162.19.88.68 | 200 OK | 37 kB |
URL GET HTTP/2i.postimg.cc/nVkV8M0W/FfMaxx.jpg IP162.19.88.68:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerLet's Encrypt Subjectpostimg.cc FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13 ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3 Hash61aa45bf291755caa8f0664e4e8b91e9 33f6c6304486ce8004d9d459f08aa6b95982f0ba 323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3
GET /nVkV8M0W/FfMaxx.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: image/jpeg
content-length: 37166
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.147.94 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.147.94:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 19:55:54 GMT
expires: Fri, 11 Apr 2025 19:55:54 GMT
cache-control: public, max-age=31536000
age: 507892
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xjb3iya.ktt55.my.id/img/senjata/7.jpg | 172.67.175.76 | 200 OK | 44 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/img/senjata/7.jpg IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 233x290, components 3 Hash3a2c83793835b5368b13d958c26b8490 3602414a07ac93f56d0a069352f1096803feaa21 cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/7.jpg HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: image/jpeg
content-length: 43744
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 17:00:46 GMT
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KV0SE%2Bvk65nGj%2Bl5Zzlg6GIH9bTA3B8Fv%2FdK0AzqTaprhl%2F9A8w6TMZQQM8etMpYUQOTA9ErsmVL0yXHqnDKM1TLWiuOE3vmlC1gnTt8oblkiSaw8PWG6NAoyVCFVa0YiTpWje%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91e4fd392e2-CPH
|
|
| i.postimg.cc/cHSfkTc2/1677942245853.jpg | 162.19.88.68 | 200 OK | 257 kB |
URL GET HTTP/2i.postimg.cc/cHSfkTc2/1677942245853.jpg IP162.19.88.68:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerLet's Encrypt Subjectpostimg.cc FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13 ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 1280x720, components 3 Size257 kB (256707 bytes) Hash290633bcfe44a3c2cd0aba27e1450899 6621cdb5237050ecc014499179cdbb4a20038863 bb4bc1a504ddf57f52bdb35efb1cdbfac4c9f2c78f00d85c70a6424ec1aa498f
GET /cHSfkTc2/1677942245853.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: image/jpeg
content-length: 256707
last-modified: Sat, 04 Mar 2023 15:05:20 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/nVkV8M0W/FfMaxx.jpg | 162.19.88.68 | 200 OK | 37 kB |
URL GET HTTP/2i.postimg.cc/nVkV8M0W/FfMaxx.jpg IP162.19.88.68:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerLet's Encrypt Subjectpostimg.cc FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13 ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3 Hash61aa45bf291755caa8f0664e4e8b91e9 33f6c6304486ce8004d9d459f08aa6b95982f0ba 323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3
GET /nVkV8M0W/FfMaxx.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 17:00:47 GMT
content-type: image/jpeg
content-length: 37166
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/embed.js | 142.250.74.142 | 200 OK | 18 kB |
URL GET HTTP/3www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/embed.js IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (3391) Hashd402bd816dc653a38c45b999b83a09ec cafbc4938c3dfd636aa833b1003248d97353f2c0 0dd380ba638f1df10476e7866f3e04f56e13ecc0dd03974eb46122d7e31dffc8
GET /s/player/0af6e327/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18201
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:35:42 GMT
expires: Thu, 17 Apr 2025 07:35:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 33905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.147.95 | 200 OK | 0 B |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.147.95:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 17 Apr 2024 17:00:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.147.95 | 200 OK | 42 kB |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.147.95:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash817e3391c3d285759abc6b1b50695cab 96f1c99990dd6de3a25b55c943e7a16e22c8484d 392970904a172ffa1ac2d5d0fd77f9573da725efa877ed79135705e9005a18b3
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 17 Apr 2024 17:00:47 GMT
server: ESF
cache-control: private
content-length: 42248
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/player?prettyPrint=false | 142.250.74.142 | 200 OK | 30 kB |
URL POST HTTP/3www.youtube.com/youtubei/v1/player?prettyPrint=false IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashf84bbcc133265475c1c35944fb9e0716 9558bbfd458ca919412da7230bc5a92511759b0c d893d842f7b91b02141272e3659efdb7217d433a78d040ef2fab0f77552ce5d1
POST /youtubei/v1/player?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240414.00.00
Content-Length: 3082
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 17:00:47 GMT
server: scaffolding on HTTPServer2
content-length: 29970
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js | 142.250.74.132 | 200 OK | 20 kB |
URL GET HTTP/2www.google.com/js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js IP142.250.74.132:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File typeJavaScript source, ASCII text, with very long lines (52156) Hashe72bebc20c294cb7e62bbccd15c94b1b a83fff70fe780fcbb8738f3d1cf4a7e309879dc6 deaafb8216bbe3662798052922d42a200bb71eb4c80c86835d2dd790f12ae405
GET /js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 05:04:22 GMT
expires: Thu, 17 Apr 2025 05:04:22 GMT
cache-control: public, max-age=31536000
age: 42985
last-modified: Thu, 04 Apr 2024 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yt3.ggpht.com/pQIjBsJLIq127A3e_QU4z93fOnlN4nkkOIq8a6S8FE5bOV2i9bGxagAU_X5DmotpxzNBIOIkTA=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 4.3 kB |
URL GET HTTP/2yt3.ggpht.com/pQIjBsJLIq127A3e_QU4z93fOnlN4nkkOIq8a6S8FE5bOV2i9bGxagAU_X5DmotpxzNBIOIkTA=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3 Hashdec6b42c47a0f3bdc26c2a4954f7ccaf 79779463fa1c61a4cf26d02ae5e1b55c2d3e7e5b ccffd73f5aa1679f83921212410cbece705f68379d107c67634186d1466a10d6
GET /pQIjBsJLIq127A3e_QU4z93fOnlN4nkkOIq8a6S8FE5bOV2i9bGxagAU_X5DmotpxzNBIOIkTA=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4260
x-xss-protection: 0
date: Wed, 17 Apr 2024 14:15:10 GMT
expires: Thu, 18 Apr 2024 14:15:10 GMT
cache-control: public, max-age=86400, no-transform
age: 9937
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.147.95 | 200 OK | 0 B |
URL OPTIONS HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.147.95:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 17 Apr 2024 17:00:47 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.147.95 | 200 OK | 114 B |
URL OPTIONS HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.147.95:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashe62d9067acce7ec3f8dc4be81fee34be 1f6eb3356c53daedab38dd076971838167a3769c e89ddcae14d9228de90166b13f6a1ac61fdceda34f31a246afef4963dd2dea7b
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1214
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 17 Apr 2024 17:00:47 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/generate_204?chfQ4Q | 142.250.74.142 | 204 No Content | 0 B |
URL GET HTTP/3www.youtube.com/generate_204?chfQ4Q IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?chfQ4Q HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 17 Apr 2024 17:00:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/api/stats/qoe?fmt=396&cpn=oJKT7zRK9m5aXlZD&el=embedded&ns=yt&fexp=v1%2C23848212%2C135084%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C31785%2C4558%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C970%2C1037%2C9072%2C3811%2C843%2C3499%2C4365%2C7557%2C643%2C8433%2C531%2C221%2C44%2C554%2C847%2C9995%2C1103%2C6331%2C2550&cl=625523793&seq=1&docid=I7gy-VPjcKI&ei=PwAgZqG-HbSf0u8P3IKegAM&event=streamingstats&plid=AAYWTcvJ_ou3M9v6&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBvSktUN3pSSzltNWFYbFpEEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.626:B,0.626:B&cat=streaming&cmt=0.025:0.000,0.626:0.000&ctmp=itr:t.600;&vfs=0.626:396:396::r&view=0.626:390:190&bwe=0.626:130000&vis=0.626:0&bh=0.626:0.000 | 142.250.74.142 | 204 No Content | 0 B |
URL POST HTTP/3www.youtube.com/api/stats/qoe?fmt=396&cpn=oJKT7zRK9m5aXlZD&el=embedded&ns=yt&fexp=v1%2C23848212%2C135084%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C31785%2C4558%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C970%2C1037%2C9072%2C3811%2C843%2C3499%2C4365%2C7557%2C643%2C8433%2C531%2C221%2C44%2C554%2C847%2C9995%2C1103%2C6331%2C2550&cl=625523793&seq=1&docid=I7gy-VPjcKI&ei=PwAgZqG-HbSf0u8P3IKegAM&event=streamingstats&plid=AAYWTcvJ_ou3M9v6&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBvSktUN3pSSzltNWFYbFpEEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.626:B,0.626:B&cat=streaming&cmt=0.025:0.000,0.626:0.000&ctmp=itr:t.600;&vfs=0.626:396:396::r&view=0.626:390:190&bwe=0.626:130000&vis=0.626:0&bh=0.626:0.000 IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&cpn=oJKT7zRK9m5aXlZD&el=embedded&ns=yt&fexp=v1%2C23848212%2C135084%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C31785%2C4558%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C970%2C1037%2C9072%2C3811%2C843%2C3499%2C4365%2C7557%2C643%2C8433%2C531%2C221%2C44%2C554%2C847%2C9995%2C1103%2C6331%2C2550&cl=625523793&seq=1&docid=I7gy-VPjcKI&ei=PwAgZqG-HbSf0u8P3IKegAM&event=streamingstats&plid=AAYWTcvJ_ou3M9v6&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBvSktUN3pSSzltNWFYbFpEEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.626:B,0.626:B&cat=streaming&cmt=0.025:0.000,0.626:0.000&ctmp=itr:t.600;&vfs=0.626:396:396::r&view=0.626:390:190&bwe=0.626:130000&vis=0.626:0&bh=0.626:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713373247242&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 17:00:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/annotations_module.js | 142.250.74.142 | 200 OK | 19 kB |
URL GET HTTP/3www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/annotations_module.js IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (1115) Hash49823e639be8a1f93f99ff798d00872e df9216c93883772f0f7a2af77ff178e2ddd7c861 6e8cb8561c1fa90ef0c54bb4ec473dce463ec570b1d1f447f9a18397a056bb63
GET /s/player/0af6e327/player_ias.vflset/en_US/annotations_module.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18882
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:37:15 GMT
expires: Thu, 17 Apr 2025 07:37:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 33813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/endscreen.js | 142.250.74.142 | 200 OK | 8.4 kB |
URL GET HTTP/3www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/endscreen.js IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (607) Hash6af08dc7b80302c168dfaf4888a3bb5d c98682226470a511e7fa503bcdd2e925f8fe17ff 4d302c87d6e40fe52f68b55b5457a7ff7e9506a9820e010eac09510df877bce9
GET /s/player/0af6e327/player_ias.vflset/en_US/endscreen.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8391
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:36:46 GMT
expires: Thu, 17 Apr 2025 07:36:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 33842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/captions.js | 142.250.74.142 | 200 OK | 24 kB |
URL GET HTTP/3www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/captions.js IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (546) Hash3a8e020cb957d03dab80be3b60308350 3405f072a9ea6aa0aa8de4c52d5ec3d9ce8d3167 e66b0c9233e432b4522f663da9337910b48b679f21afdd320a5712237d13d73e
GET /s/player/0af6e327/player_ias.vflset/en_US/captions.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24394
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:36:46 GMT
expires: Thu, 17 Apr 2025 07:36:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 33842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=0-65985&rn=2&rbuf=0&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 |  91.90.45.173 | 200 OK | 66 kB |
URL POST HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=0-65985&rn=2&rbuf=0&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash908102cc258fe4a03608e3e33ac82426 0dfb25ae82cffc48d20a21c6e1bb138ce97515b1 664e9aff2ec49a70cbb0f4124f992aa211b64330c7533556b8d54bbcfcc89805
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=0-65985&rn=2&rbuf=0&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Sun, 04 Feb 2024 00:52:22 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 17 Apr 2024 17:00:48 GMT
Expires: Wed, 17 Apr 2024 17:00:48 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=0-92437&rn=1&rbuf=0&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 92 kB |
URL POST HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=0-92437&rn=1&rbuf=0&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash81ec367e2d81b1551bc2700309eec63f f901e40053b33b5649c60852953bfbf179b7882f f2c618b483da4426809bd3d80fcfbed2dafbcc497bf2fa936f9faab1e776187f
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=0-92437&rn=1&rbuf=0&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Sun, 04 Feb 2024 01:08:30 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 17 Apr 2024 17:00:48 GMT
Expires: Wed, 17 Apr 2024 17:00:48 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.142 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713373248439
Content-Type: application/json
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713373247242&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 16815
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 17:00:48 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| i.ytimg.com/vi/I7gy-VPjcKI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE8gSShyMA8=&rs=AOn4CLB5ELBfYxB_OQSRhiGiqnBrzuBypg | 216.58.207.214 | 200 OK | 47 kB |
URL GET HTTP/2i.ytimg.com/vi/I7gy-VPjcKI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE8gSShyMA8=&rs=AOn4CLB5ELBfYxB_OQSRhiGiqnBrzuBypg IP216.58.207.214:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectedgestatic.com Fingerprint78:1A:D9:37:F2:33:3C:A9:0F:4C:4A:E8:40:9E:55:8E:02:75:1E:15 ValidityMon, 04 Mar 2024 06:35:07 GMT - Mon, 27 May 2024 06:35:06 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3 Hash8fa386e2664ccb654b130e6f2eb4001a 0c2badeaca6567dbcc07a4dd3c0abeee198a2f64 84214d90a97eb88efaff581648c34345231c19f2fb34a3eb03dadeb53798548d
GET /vi/I7gy-VPjcKI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE8gSShyMA8=&rs=AOn4CLB5ELBfYxB_OQSRhiGiqnBrzuBypg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 46985
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 17:00:48 GMT
expires: Wed, 17 Apr 2024 19:00:48 GMT
cache-control: public, max-age=7200
etag: "1677852174"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/next?prettyPrint=false | 142.250.74.142 | 200 OK | 2.0 kB |
URL POST HTTP/3www.youtube.com/youtubei/v1/next?prettyPrint=false IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd5b3444aa5262caba115e37fad18ce74 285d3401c939e05411255bf47b12037af9470cd6 4add1b89e63049f78acc00bb3e196f8d499d6d214e0ccfd40fb0d0333d7d2c47
POST /youtubei/v1/next?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240414.00.00
Content-Length: 2693
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 17:00:49 GMT
server: scaffolding on HTTPServer2
content-length: 2001
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt3.ggpht.com/pQIjBsJLIq127A3e_QU4z93fOnlN4nkkOIq8a6S8FE5bOV2i9bGxagAU_X5DmotpxzNBIOIkTA=s88-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 6.0 kB |
URL GET HTTP/3yt3.ggpht.com/pQIjBsJLIq127A3e_QU4z93fOnlN4nkkOIq8a6S8FE5bOV2i9bGxagAU_X5DmotpxzNBIOIkTA=s88-c-k-c0x00ffffff-no-rj IP142.250.74.161:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x88, components 3 Hash7c16796fd81fc25db165560a1961b558 9983363b1b05a1d6cc2f0b7d0a98c47128427873 100fe9f6e2bcbcdc62dd5141a617cfc2c6736c882eff4270fa0143a8497ce678
GET /pQIjBsJLIq127A3e_QU4z93fOnlN4nkkOIq8a6S8FE5bOV2i9bGxagAU_X5DmotpxzNBIOIkTA=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 5987
x-xss-protection: 0
date: Wed, 17 Apr 2024 16:21:29 GMT
expires: Thu, 18 Apr 2024 16:21:29 GMT
cache-control: public, max-age=86400, no-transform
age: 2360
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.142 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713373250095
Content-Type: application/json
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713373246629&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 2294
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 17:00:50 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=oJKT7zRK9m5aXlZD&el=embedded&ns=yt&fexp=v1%2C23848212%2C135084%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C31785%2C4558%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C970%2C1037%2C9072%2C3811%2C843%2C3499%2C4365%2C7557%2C643%2C8433%2C531%2C221%2C44%2C554%2C847%2C9995%2C1103%2C6331%2C2550&cl=625523793&seq=2&docid=I7gy-VPjcKI&ei=PwAgZqG-HbSf0u8P3IKegAM&event=streamingstats&plid=AAYWTcvJ_ou3M9v6&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBvSktUN3pSSzltNWFYbFpEEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.631:251::i&cmt=0.658:0.000,10.001:0.000&vps=0.658:N&ctmp=dompaused:t.660;r.promise;m.NotAllowedError&bwm=10.001:619731:0.870&bwe=10.001:1338763&bh=10.001:13.700 | 142.250.74.142 | 204 No Content | 0 B |
URL POST HTTP/3www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=oJKT7zRK9m5aXlZD&el=embedded&ns=yt&fexp=v1%2C23848212%2C135084%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C31785%2C4558%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C970%2C1037%2C9072%2C3811%2C843%2C3499%2C4365%2C7557%2C643%2C8433%2C531%2C221%2C44%2C554%2C847%2C9995%2C1103%2C6331%2C2550&cl=625523793&seq=2&docid=I7gy-VPjcKI&ei=PwAgZqG-HbSf0u8P3IKegAM&event=streamingstats&plid=AAYWTcvJ_ou3M9v6&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBvSktUN3pSSzltNWFYbFpEEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.631:251::i&cmt=0.658:0.000,10.001:0.000&vps=0.658:N&ctmp=dompaused:t.660;r.promise;m.NotAllowedError&bwm=10.001:619731:0.870&bwe=10.001:1338763&bh=10.001:13.700 IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&afmt=251&cpn=oJKT7zRK9m5aXlZD&el=embedded&ns=yt&fexp=v1%2C23848212%2C135084%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C31785%2C4558%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C970%2C1037%2C9072%2C3811%2C843%2C3499%2C4365%2C7557%2C643%2C8433%2C531%2C221%2C44%2C554%2C847%2C9995%2C1103%2C6331%2C2550&cl=625523793&seq=2&docid=I7gy-VPjcKI&ei=PwAgZqG-HbSf0u8P3IKegAM&event=streamingstats&plid=AAYWTcvJ_ou3M9v6&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBvSktUN3pSSzltNWFYbFpEEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.631:251::i&cmt=0.658:0.000,10.001:0.000&vps=0.658:N&ctmp=dompaused:t.660;r.promise;m.NotAllowedError&bwm=10.001:619731:0.870&bwe=10.001:1338763&bh=10.001:13.700 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713373247242&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 17:00:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 142.250.74.142 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713373273213
Content-Type: application/json
X-Goog-Visitor-Id: CgtYZ1FubjZTNzNfMCi-gICxBjIOCgJOTxIIEgQSAgsMIGM%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713373246629&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 956
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 17:01:13 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | 142.250.74.142 | 200 OK | 93 kB |
URL GET HTTP/2www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com IP142.250.74.142:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 17:00:46 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=9KAHE7kDFmY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=XgQnn6S73_0; Domain=.youtube.com; Expires=Mon, 14-Oct-2024 17:00:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIGM%3D; Domain=.youtube.com; Expires=Mon, 14-Oct-2024 17:00:46 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9e01696f4dd85a48838a9ea9ee82ef4a
cdn-cache: HIT
cf-cache-status: HIT
age: 567335
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 875df91eddacbe51-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 823 B |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (845), with no line terminators Hash1af9af6e84d6fcbedffbf79321ca46b2 0f8c679ef763d2ecdc4d775dbe9af668b2284644 ebb1355be44fef0caf09c3740d278ab9461238e988fd43375d389a16e39bed8a
GET /releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xjb3iya.ktt55.my.id/
Origin: https://xjb3iya.ktt55.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"e8ee688b3310772b65f39c69b76f4720"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: LLeW5I7zX6QgcQDtJo39E5lOX3vohDA93bkfsiZr4Wq28lu9r6rY1Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lqv05r50ba2HE3hWh5TWHaHAk10pCmBHjvenqpkh6GcHKwyK2I02I8fpRJBRg4OBY3AaHWOpTT6ZgxCO510dNyXaEQC%2F3UJxUyB1TxiJm%2FTz2bSkturL9Lu5f29n4%2BBo47aNGT6Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df924ef9d930b-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=356418-971545&rn=6&rbuf=14119&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 615 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=356418-971545&rn=6&rbuf=14119&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size615 kB (615191 bytes) Hash4b026d7f237afcd17cb1c2a0e0c5460f a4e4ea62aec1c79ccf177748d7baefb7f86d497f 603d57079528b9677c8c563f50a54c211d9217fd8b2ecd8e611666e63d558640
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=356418-971545&rn=6&rbuf=14119&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Sun, 04 Feb 2024 01:08:30 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 17:00:58 GMT
expires: Wed, 17 Apr 2024 17:00:58 GMT
cache-control: private, max-age=21289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| xjb3iya.ktt55.my.id/alexFrontEnd/tiktok.png | 172.67.175.76 | 404 Not Found | 1.2 kB |
URL GET HTTP/3xjb3iya.ktt55.my.id/alexFrontEnd/tiktok.png IP172.67.175.76:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectktt55.my.id Fingerprint8A:ED:C5:91:EA:3A:47:4E:D2:1C:E4:11:78:2D:71:BC:1D:AA:DF:DE ValiditySat, 16 Mar 2024 07:53:55 GMT - Fri, 14 Jun 2024 07:53:54 GMT
File typeHTML document, ASCII text, with very long lines (1276), with no line terminators Hash24b426fea67958554911ff4c943fdfe4 b92889146d4c1bbddccabe58ca15c814ea066f72 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /alexFrontEnd/tiktok.png HTTP/1.1
Host: xjb3iya.ktt55.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HSpRWuw2OmkIipIFzyg39%2FQyEdAkM9ZKf0qg4fNpgv8Z4i5mpF%2FUzKZQMt7ywIvhA%2B1dfKj%2BB%2BJZ%2BoQ8hHaNKq12pMLZqcXnuTfgJhQ7MuZDS62xeX7zW2ORyfUFN%2BqysMmxWTNf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91f095792e2-CPH
content-encoding: br
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=92438-356417&rn=4&rbuf=5773&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 264 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=92438-356417&rn=4&rbuf=5773&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size264 kB (264043 bytes) Hash8567da8c4c72f2b43cc14b9d24ba18bc 7f4f3a0e8c3bda573fd59f572080a43a6d47f688 268cc046547b5829a82f25508c38974ce9963f1cc2394b2eaa81c86c6ec72026
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=video%2Fmp4&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIhANiZh8sKJa4EuUj9JiysRqe355ikYwh6InSZZYZ-DTiLAiBIijUPd_Uk4sheaJewzpoQiLBPQ8rrCnY4G6UWxp4qXg%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=92438-356417&rn=4&rbuf=5773&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Sun, 04 Feb 2024 01:08:30 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 17:00:48 GMT
expires: Wed, 17 Apr 2024 17:00:48 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| site-assets.fontawesome.com/releases/v6.1.1/css/all.css | 172.64.147.188 | 200 OK | 498 kB |
URL GET HTTP/2site-assets.fontawesome.com/releases/v6.1.1/css/all.css IP172.64.147.188:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerDigiCert Inc Subject*.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File typeASCII text, with very long lines (65360) Size498 kB (498160 bytes) Hash325672b036bab9b57f6873aed5eccc43 264f5db348311950380ad1bca79754ff593d87e2 a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 12668931
vary: Accept-Encoding
server: cloudflare
cf-ray: 875df91ebef3be58-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| filebagasarya.com/css/ff/facebook.css | 188.114.96.1 | 200 OK | 5.2 kB |
URL GET HTTP/2filebagasarya.com/css/ff/facebook.css IP188.114.96.1:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectfilebagasarya.com FingerprintF8:10:79:DD:D9:42:FF:FD:E3:35:9B:09:62:4F:9B:40:07:DD:BA:85 ValidityMon, 26 Feb 2024 19:06:41 GMT - Sun, 26 May 2024 19:06:40 GMT
File typeASCII text, with very long lines (5644), with no line terminators Hash6c6eede9c902bf0866eeddd6e031b122 25ae33158196270672483a1e0dbda68509485a5f 80b152572eaf6ad6ebc58b3983d99fede9df16c73de5d0e9bf4a8857bcce7201
GET /css/ff/facebook.css HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:45 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 22 Apr 2024 17:12:09 GMT
last-modified: Mon, 06 Nov 2023 21:44:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 172116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j6WY3Tp2OGJcL7msxEK3c7v4Z7%2BouUGLBDPKizgX8xOQv2dooZq1ndXHO7uYNjrn8PnwbSABXaRSaXOJ%2FYOOLbbfXCSwde7TeFEEhyQ6CjlF0YGYR0G1cYQgiHipuftEnuRsQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df91f0a34be4e-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap | 142.250.74.106 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap IP142.250.74.106:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (5645), with no line terminators Hash7e8ccf34cfbd7681f3b6a7b967e632c9 8550d37535c577c1f2454fe033691a280d1a473a 984f7fcf1514b4faf8b84587104475a20d12627f7b3ec5f8fcd6b72d6ccf2d4f
GET /css2?family=Teko:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 17:00:45 GMT
date: Wed, 17 Apr 2024 17:00:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=131522-262958&rn=5&rbuf=8114&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 132 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=131522-262958&rn=5&rbuf=8114&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size132 kB (131500 bytes) Hashf95921e7f10f75ee5e269913762d5322 bfbc79fa926b2f67ca66f7f2c39ba15567aebe60 b07a1ab8d1d3b93c31cd51021a35d26f51a8d8cd566735a9efc7856a31d3b356
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=131522-262958&rn=5&rbuf=8114&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Sun, 04 Feb 2024 00:52:22 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 17:00:48 GMT
expires: Wed, 17 Apr 2024 17:00:48 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=262959-479173&rn=7&rbuf=16361&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 216 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=262959-479173&rn=7&rbuf=16361&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size216 kB (216278 bytes) Hash7c37484f976c4ea6aa600200c52ab6fd 7c14ccafff9f2555c94df4ba6045f2f785d33a87 bbe84649c085ba47a16ffe6304ab02e412e3d448250e4d62408b95f3469aab41
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=262959-479173&rn=7&rbuf=16361&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Sun, 04 Feb 2024 00:52:22 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 17:00:58 GMT
expires: Wed, 17 Apr 2024 17:00:58 GMT
cache-control: private, max-age=21289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=65986-131521&rn=3&rbuf=4057&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 66 kB |
URL POST HTTP/3rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=65986-131521&rn=3&rbuf=4057&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash7302e111795e7808d94fdce0e157ac10 ace4f648dc2f5abdb058717ac4f33263cb506dfd ddd87b2df68ae839b00cd40df28d31b22ecce0a620084126a7461799d34b3e55
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=65986-131521&rn=3&rbuf=4057&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Sun, 04 Feb 2024 00:52:22 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 17:00:48 GMT
expires: Wed, 17 Apr 2024 17:00:48 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 90 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (65321) Hash345f5ecc270c94968998574a2d37e31a 4b1937ca073a8376a07161bc40549585493ffa3d efad9b46d0c00f2562eb53236717ff21ebd474f8d68f69b45f92c424bfd87e9c
GET /releases/v6.0.0/css/free.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xjb3iya.ktt55.my.id/
Origin: https://xjb3iya.ktt55.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"345f5ecc270c94968998574a2d37e31a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 02afd2562bb1a39ba5694a129e4b7ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: kYeXMJndVbCOLJbWVw71jffST8KpfqIY0K5GruBXnjEoxw0CB6DR2Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0sPVk8Fa1ndUIM%2FqncB%2B%2FbQCYoYlW%2BtFl8tlxx7gCHzg4iLsjfCq%2BMfjko3KAsb%2F6FWJWilKMiXYhLvcINxboI3BPYAtDzTlnHkHzfnk8CygSPeuPlz23RWGFdDKKce7wDxiOw2Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df924efa4930b-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png | 151.101.65.229 | 404 Not Found | 0 B |
URL GET HTTP/2cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png IP151.101.65.229:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gh/AlexHostX/mlbb@main/old/logo.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xjb3iya.ktt55.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
accept-ranges: bytes
age: 564
date: Wed, 17 Apr 2024 17:00:45 GMT
x-served-by: cache-fra-eddf8230118-FRA, cache-hel1410029-HEL
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53
X-Firefox-Spdy: h2
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=479174-946524&rn=8&rbuf=30001&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 | 0.0.0.0 | | 467 kB |
URL POST rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=479174-946524&rn=8&rbuf=30001&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 IP0.0.0.0:0
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size467 kB (467414 bytes) Hash5e02d2bc91b6ee7eec4825dfbfd04c7f 198f574da9ae3633f6ad92b37f564beaa263c0bf a66915221e5b445c8674116037f0e60494f64bb4c1ac56c59af77da0b00c8f63
POST /videoplayback?expire=1713394847&ei=PwAgZqG-HbSf0u8P3IKegAM&ip=91.90.42.154&id=o-AE7n6eOlSlIW7fqnhVaovfNhCappieeFPbme2jDgzc6g&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pcm2cms=yes&pl=21&initcwndbps=1978750&bui=AaUN6a2xegTTPWykKWrGiDIZXiHc2LEZeDFptZac7zTUXJWG45BiBUJ97CJCTy8FX1OXLH70WfsAWYT-&spc=UWF9f--OQFrP2qXOlDvOwsehwXCnjzvqg8wRKZt6M7Sm-EKaIlaneWScrA&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=PqAvxf21JD41hS7QJBkpSyYQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1713372799&fvip=2&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=aLbH2spn3_2NAw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRAIgBCZGDwc9qUfLpKA6SFH5HralDDOEXo8Z0JnNDUYXCdACIDsODZpdqKhmkrtKIPjr-dT98l6QeiKq0aVv9hjmxdmn&alr=yes&sig=AJfQdSswRQIgVDbRJ6VK7pBcQ_GNpuNcecz69yy_8SCfNo-a5XzX5ZICIQDJIWx2MFLTst-ED6wpDyrQV_Z6srQI2nJWKy6wbr6rUA%3D%3D&cpn=oJKT7zRK9m5aXlZD&cver=1.20240414.00.00&range=479174-946524&rn=8&rbuf=30001&pot=MnnPWXwHFxSjOM9i2MRG6C6Da19ABvrZ-jH-2J8xQWCUHW5gJjoV6B2Gxw4LhauwP0ei59Qa6BxO8v_T_KFnj2yj3NCgPjNvdjjkG9iHm2g8qdLy3_YyZM3upTfz5Wg4trSKJuyN9OdFrHakvtZ6PQ8HM4ZKhQKPK_L5&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Sun, 04 Feb 2024 00:52:22 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 17:01:08 GMT
expires: Wed, 17 Apr 2024 17:01:08 GMT
cache-control: private, max-age=21279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/base.js | 142.250.74.142 | 200 OK | 2.5 MB |
URL GET HTTP/2www.youtube.com/s/player/0af6e327/player_ias.vflset/en_US/base.js IP142.250.74.142:443
Requested byhttps://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Size2.5 MB (2546025 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/player/0af6e327/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 809601
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 07:35:42 GMT
expires: Thu, 17 Apr 2025 07:35:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 17 Apr 2024 04:21:26 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 33904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 26 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://xjb3iya.ktt55.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (26019) Hashc32e971c7d11c2407f847b61c515f1e2 85ac47a05e49f01cd62301ee121a2ca0dfdc0f83 a7fb3a26d569bec0139baaae950e43c1e10b0afbcf6e9d7654aa1181a8319759
GET /releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xjb3iya.ktt55.my.id/
Origin: https://xjb3iya.ktt55.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 17:00:46 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 52b109b1375547c721208eb7c7b3185a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: TD1g41autCoZ7VGFkvE3wGwLnZDB0GeuTnRxkVJWPon3B7jOt2-NgA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F427aRji%2FDq4b3RG705lySfrp%2FxrcLfM1xfQmIVd2b5GchnXr8BJu8VMWILAxNl%2FcyavNz%2B8rpYBDwkoVzb35%2BTxsS5ICtsujcVsF%2FnGn8oVPjs9%2FQGDYLFRZCHLcSl3%2FmxJ5xEbfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875df924ffac930b-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|