103.8.24.77 302 Found 128 B URL User Request GET HTTP/1.1 IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 2a73362384d5f3761eba71f5f02eab31
5f228e1f19948a0a2341692816ec295ba91904b2
bda0d88dd86526f95505bab1c8606f02cb48f9d3f72da234280a3d4b8fdf009f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET / HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Location: /login.aspx
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 19:59:59 GMT
Content-Length: 128
dev.rollcall.asia/login.aspx
103.8.24.77 200 OK 3.8 kB URL User Request GET HTTP/1.1 dev.rollcall.asia/login.aspx
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (337), with CRLF line terminators
Hash baf0acd04039f32fdfae64b9b5b9e93a
2bc8cd5a26bb2f7d0a835789a6a9d14f0f052e8b
6b5e42526055118433a913b777886d718af4977982db8e93d3bbf9e37efb19c9
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /login.aspx HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 19:59:59 GMT
Content-Length: 3762
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f69556f96addf59393c63ef21818749b
789d0d9f1505ad2cecdf48a6c3c4c3fc393f0b6e
346892b415ce1392b9a8f898b417349886229bf9c81f62161f9fdc019f6e89aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dev.rollcall.asia/App_Themes/Master/StyleSheet.css
103.8.24.77 200 OK 2.9 kB URL GET HTTP/1.1 dev.rollcall.asia/App_Themes/Master/StyleSheet.css
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type assembler source, Unicode text, UTF-8 (with BOM) text, with very long lines (748), with CRLF line terminators
Hash 09c0ae7c0499c2cfbc13243d3e024fb6
a2960808a8626b256e4aafabaf1c76cfa0b1652d
912cf128ce0a608c9d0bc1f539377340becd1248c849bd01ab4568eb4829534f
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /App_Themes/Master/StyleSheet.css HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 20 Oct 2021 11:28:18 GMT
Accept-Ranges: bytes
ETag: "371c294a5c5d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 2870
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 81375129214a57d2dc6793c1f3ac675a
d123df1cd6676e813a0dc11b5226616449ba6ef1
c08b4485550568c320579d60318c5b1fea9220df17e490418a561b541f6f2441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:02:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.stripe.com/v3
54.230.111.74 200 OK 124 kB IP 54.230.111.74:443
Requested by http://dev.rollcall.asia/login.aspx
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 2A:3E:8A:26:72:A8:93:41:18:D3:CF:E6:28:64:CC:4E:28:9B:D7:D1
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 124 kB (124021 bytes)
Hash 2097b54581d2ecf5c74d90d671b17e20
b74728ab23292288b517f166674f25c4e035fb68
587aabbf2d802b52807d0e11eabd2d4e9a20e0957945925fa7ad814560c469e2
GET /v3 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dev.rollcall.asia/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 13 Apr 2023 17:34:06 GMT
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-encoding: br
date: Thu, 13 Apr 2023 20:02:12 GMT
cache-control: max-age=60
etag: W/"0ff6aef4bcb7d8e99b3430f12ce99a60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eTXFNbwKzZxWlaC1-3EAqqyBFy5N2u2yJ7PDnmD2gBOqGoIlNCobYw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0b2b5b556190d0a01c8eeb19d631f315
aead55272da30418fc45d3d3efb690361cd33cee
e5365fa2375a844bd9800ba61ce41ddf8dcd76c5f58f42bde1f6f8703a5a60d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Apr 2023 20:02:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dev.rollcall.asia/WebResource.axd?d=NSl-bnjOFOwVkiszkBav1kEpFWjmukUA3HKDxsy-_C0-FJpUYVDQIiaMqqDgRfW8Bx0UfBZaawgXEyrNk-0SV4CUFjnqU0i3Ko4vQIGu0Lw1&t=637814948020000000
103.8.24.77 200 OK 7.2 kB URL GET HTTP/1.1 dev.rollcall.asia/WebResource.axd?d=NSl-bnjOFOwVkiszkBav1kEpFWjmukUA3HKDxsy-_C0-FJpUYVDQIiaMqqDgRfW8Bx0UfBZaawgXEyrNk-0SV4CUFjnqU0i3Ko4vQIGu0Lw1&t=637814948020000000
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type ASCII text, with CRLF line terminators
Hash e8b0b7f305d9491e672bee888bc677ea
d83fc8ba19c25ec49683a90808a46412ba7e3aec
03be663726f0d8db2d2da1ea2f1eae4354f9853a618fa0a862379e8d3b2348bc
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /WebResource.axd?d=NSl-bnjOFOwVkiszkBav1kEpFWjmukUA3HKDxsy-_C0-FJpUYVDQIiaMqqDgRfW8Bx0UfBZaawgXEyrNk-0SV4CUFjnqU0i3Ko4vQIGu0Lw1&t=637814948020000000 HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Fri, 12 Apr 2024 11:46:52 GMT
Last-Modified: Sat, 26 Feb 2022 09:53:22 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 7228
dev.rollcall.asia/WebResource.axd?d=SL_BE9Uq8aHfluphVKgKVObst0UiBGPP5wJRJMNa5tTlvBu6p3xQoE2X3fFzqxdXghaJ1FU1Pjm62w5cheOfJTjsWj7YBG7aQgxGNLe4p501&t=637814948020000000
103.8.24.77 200 OK 6.0 kB URL GET HTTP/1.1 dev.rollcall.asia/WebResource.axd?d=SL_BE9Uq8aHfluphVKgKVObst0UiBGPP5wJRJMNa5tTlvBu6p3xQoE2X3fFzqxdXghaJ1FU1Pjm62w5cheOfJTjsWj7YBG7aQgxGNLe4p501&t=637814948020000000
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type ASCII text, with CRLF line terminators
Hash 06fd446079195e9866f38728a31b8416
bce7935598a51703a7077dd75e1d30882533c6e1
5466d19b6349cc09de47de356c3195b2fd367a5ab8f1c55e8aaf2f296915d46d
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /WebResource.axd?d=SL_BE9Uq8aHfluphVKgKVObst0UiBGPP5wJRJMNa5tTlvBu6p3xQoE2X3fFzqxdXghaJ1FU1Pjm62w5cheOfJTjsWj7YBG7aQgxGNLe4p501&t=637814948020000000 HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: public
Content-Type: application/x-javascript
Content-Encoding: gzip
Expires: Fri, 12 Apr 2024 11:46:52 GMT
Last-Modified: Sat, 26 Feb 2022 09:53:22 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 6007
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35 200 OK 13 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:443
Requested by http://dev.rollcall.asia/login.aspx
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dev.rollcall.asia
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Apr 2023 10:32:08 GMT
expires: Wed, 10 Apr 2024 10:32:08 GMT
cache-control: public, max-age=31536000
age: 207004
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
54.230.111.74 200 B URL js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 54.230.111.74:0
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 2A:3E:8A:26:72:A8:93:41:18:D3:CF:E6:28:64:CC:4E:28:9B:D7:D1
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 93afeeb17bc37e711759584dbfc50d47
bbbc9e5d68854172c90b993064df560996a2a433
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dev.rollcall.asia/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Tue, 04 Apr 2023 17:28:14 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 13 Apr 2023 19:40:21 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zO6mN6E4nQ4BA-5TDBV1LBwIzbbS4IQjJtSvxmh_-TKauHmBFmqzDA==
age: 1314
X-Firefox-Spdy: h2
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
54.230.111.74 200 OK 631 B URL GET HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 54.230.111.74:443
Requested by https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html#url=http%3A%2F%2Fdev.rollcall.asia%2Flogin.aspx&title=&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 2A:3E:8A:26:72:A8:93:41:18:D3:CF:E6:28:64:CC:4E:28:9B:D7:D1
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
File type ASCII text, with very long lines (526)
Hash f8f6a4584135f737b26927596ce6e0a7
609ea9e9c46563fb1dc78a7967c926394e73ffab
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 631
last-modified: Mon, 03 Apr 2023 20:02:16 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Thu, 13 Apr 2023 19:46:15 GMT
cache-control: max-age=31536000
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: arrWGgsvnPL_hvVt2B96_9FVlfQmUX8Jaih9ikojQwNm9xPozDl6hg==
age: 967
X-Firefox-Spdy: h2
m.stripe.network/inner.html
54.230.111.85 930 B URL m.stripe.network/inner.html
IP 54.230.111.85:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Thu, 13 Apr 2023 20:01:00 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lfrrYNvB6lKl2SYmE8y8uIlyl9aHWJDlkYlXu_luqEIObcsdXnGyPg==
age: 73
X-Firefox-Spdy: h2
dev.rollcall.asia/images/malaysia-spurs-2014%20logo.png
103.8.24.77 200 OK 14 kB URL GET HTTP/1.1 dev.rollcall.asia/images/malaysia-spurs-2014%20logo.png
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type PNG image data, 288 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash 1956fc9d44bfd6287d463fb3b91872ff
54789a9d9a24f73eb726b76bb30f878e26583c4a
f4f42b48cd1c89c319565fe07341239cc805e6699901523397f34371087a3492
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /images/malaysia-spurs-2014%20logo.png HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Wed, 29 Sep 2021 02:17:42 GMT
Accept-Ranges: bytes
ETag: "1aaee32ed8b4d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 14291
dev.rollcall.asia/images/tee-shirt-age.jpg
103.8.24.77 200 OK 48 kB URL GET HTTP/1.1 dev.rollcall.asia/images/tee-shirt-age.jpg
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 637x256, components 3\012- data
Hash 1474b44ac7d49bef6803159801e39781
5f7cf3b2e6f0ebc301a78f0ff4de04ae90799033
675d086579c3a4e65900e6ecd7e729590ce9df67efd4b3a87eef4289674ef1c7
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /images/tee-shirt-age.jpg HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 29 Sep 2021 02:17:41 GMT
Accept-Ranges: bytes
ETag: "4e9f542ed8b4d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 47598
dev.rollcall.asia/favicon.ico
103.8.24.77 200 OK 15 kB URL GET HTTP/1.1 dev.rollcall.asia/favicon.ico
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash f152ec0f6ed1b28bcd967edc71dbb5b9
ceaed4b7ac06ea6e3419d8abe8d69a9d2c627a55
ad475622fde89826b43805fb383d0e21a88c4c24fd823d6d8b534d89c7502251
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /favicon.ico HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 28 Sep 2021 07:25:52 GMT
Accept-Ranges: bytes
ETag: "204a36113ab4d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 15406
dev.rollcall.asia/images/tee-shirt-sizes.jpg
103.8.24.77 200 OK 97 kB URL GET HTTP/1.1 dev.rollcall.asia/images/tee-shirt-sizes.jpg
IP 103.8.24.77:80
ASN #132241 SKSA TECHNOLOGY SDN BHD
Requested by http://dev.rollcall.asia/login.aspx
File type JPEG image data, baseline, precision 8, 600x522, components 3\012- data
Hash 9db01a84efd5d0ac7371f3f95745e36b
b1d93b843466b4b7af6853959b5e868a28db08ac
2e02b92da45e7bb3f77e0e421f009cc102df54eacce8fe082e387af9e87c26c1
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.asia domain
GET /images/tee-shirt-sizes.jpg HTTP/1.1
Host: dev.rollcall.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.rollcall.asia/login.aspx
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 29 Sep 2021 02:17:41 GMT
Accept-Ranges: bytes
ETag: "4e9f542ed8b4d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Thu, 13 Apr 2023 20:00:01 GMT
Content-Length: 97277
m.stripe.com/6
34.208.115.43 200 OK 156 B IP 34.208.115.43:443
Requested by https://m.stripe.network/inner.html#url=http%3A%2F%2Fdev.rollcall.asia%2Flogin.aspx&title=&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject m.stripe.com
Fingerprint 9D:72:C7:74:70:0F:4F:78:09:D4:E5:38:66:43:43:B6:8D:7F:BD:AC
Validity Tue, 28 Mar 2023 00:00:00 GMT - Wed, 26 Jul 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash f8ea33e201e85c604ba5c0b4071a82cb
f54c632d009ddc9a61dbc5be1839bb9fcf26571b
bac99dbc429d595e86fea594899c2b5791e61f9213106444a3da0ed50b724a61
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2932
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 13 Apr 2023 20:02:13 GMT
content-length: 156
set-cookie: m=889af355-2ad7-4af5-9e36-d82b7bd673dcfe2ffe;Expires=Sat, 12-Apr-2025 20:02:13 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1681416133121761
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-bg-intended-route-color: green
x-stripe-client-envoy-start-time-us: 1681416133121408
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35 200 OK 13 kB URL GET HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:443
Requested by http://dev.rollcall.asia/login.aspx
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 76:06:6A:AA:FB:72:F8:BA:90:67:2F:91:97:14:FB:68:D0:65:E9:22
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dev.rollcall.asia
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Apr 2023 02:07:56 GMT
expires: Fri, 12 Apr 2024 02:07:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
age: 64455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
54.230.111.74 200 OK 200 B URL GET HTTP/2 js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
IP 54.230.111.74:443
Requested by http://dev.rollcall.asia/login.aspx
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 2A:3E:8A:26:72:A8:93:41:18:D3:CF:E6:28:64:CC:4E:28:9B:D7:D1
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 5b6f862fa254d124a67b7854019887d6
ee30c88b9a4ab2877225288aefcf471f6decd1c4
187e2186836cc37432836005e6dc1fff96e80122e8154a15f38aaa7a3a27401d
GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dev.rollcall.asia/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 200
last-modified: Tue, 04 Apr 2023 17:28:14 GMT
accept-ranges: bytes
server: Cloudfront
access-control-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
timing-allow-origin: *
date: Thu, 13 Apr 2023 19:40:21 GMT
cache-control: max-age=31536000
etag: "93afeeb17bc37e711759584dbfc50d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zO6mN6E4nQ4BA-5TDBV1LBwIzbbS4IQjJtSvxmh_-TKauHmBFmqzDA==
age: 1314
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
54.230.111.85 200 OK 88 kB URL GET HTTP/2 m.stripe.network/out-4.5.42.js
IP 54.230.111.85:443
Requested by https://m.stripe.network/inner.html#url=http%3A%2F%2Fdev.rollcall.asia%2Flogin.aspx&title=&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 2A:3E:8A:26:72:A8:93:41:18:D3:CF:E6:28:64:CC:4E:28:9B:D7:D1
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Apr 2023 20:00:44 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g04ryTyU3ElczTvt8d263jBKJuPYAzIo-RibBNblC9Y2MQiTARKbCQ==
age: 89
X-Firefox-Spdy: h2
m.stripe.network/inner.html
54.230.111.85 200 OK 930 B URL GET HTTP/2 m.stripe.network/inner.html
IP 54.230.111.85:443
Requested by https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html#url=http%3A%2F%2Fdev.rollcall.asia%2Flogin.aspx&title=&referrer=&muid=NA&sid=NA&version=6&preview=false
Certificate Issuer DigiCert Inc
Subject a.stripecdn.com
Fingerprint 2A:3E:8A:26:72:A8:93:41:18:D3:CF:E6:28:64:CC:4E:28:9B:D7:D1
Validity Mon, 06 Feb 2023 00:00:00 GMT - Sat, 13 May 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (950), with no line terminators
Hash 709989cf22f7742eb35359982343e4c3
cc04f01001c0b0d27b4f5555e2d56f2e85511917
fbd4b19350d4534b3395e6bd10b8fe50476ca79c7adda65cf10ca52abb2b7ff2
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Thu, 13 Apr 2023 20:01:00 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lfrrYNvB6lKl2SYmE8y8uIlyl9aHWJDlkYlXu_luqEIObcsdXnGyPg==
age: 73
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
142.250.74.106 200 OK 16 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic
IP 142.250.74.106:443
Requested by http://dev.rollcall.asia/login.aspx
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 77:43:87:91:D0:0A:64:BD:84:1C:9A:F5:10:86:8E:8E:04:F1:F9:A3
Validity Mon, 20 Mar 2023 08:25:51 GMT - Mon, 12 Jun 2023 08:25:50 GMT
Hash 829ee39d0e105bfa2570acc3b5ff88d2
2cb33e69a30b0568f0ae2698284760eaf5cf30e5
a4142e031c7c7f8bde7c59525036b546ea971c87308c4d63b60cf4f9f999f9f0
GET /css?family=Source+Sans+Pro:300,400,600,700,300italic,400italic,600italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dev.rollcall.asia/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Apr 2023 20:02:11 GMT
date: Thu, 13 Apr 2023 20:02:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2