cdn.ampproject.org/v0.js
200 OK 73 kB IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE
ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT
File type Unicode text, UTF-8 text, with very long lines (64684)
Hash f0365608b7ed1b269e0f9c1c12069b1b
37fc08e32173f6c1a674d90f18d5c56801c8b5f2
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
GET /v0.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 73200
date: Tue, 28 Nov 2023 10:36:35 GMT
expires: Tue, 28 Nov 2023 10:36:35 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "b209cac081bc437c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/v0/amp-analytics-0.1.js
200 OK 32 kB URL GET HTTP/2 cdn.ampproject.org/v0/amp-analytics-0.1.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE
ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT
File type ASCII text, with very long lines (65534)
Hash 801f8606c836a922c9997caab0309e88
85c4be48ecfe63911569ebeb2ff5d9f49f6f283d
afe48129d69d1636977964c86ba5a17bc8105402afa294c0a61300f6df050a63
GET /v0/amp-analytics-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 32227
date: Tue, 28 Nov 2023 10:36:35 GMT
expires: Tue, 28 Nov 2023 10:36:35 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "705776dc36d17428"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/v0/amp-iframe-0.1.js
200 OK 8.9 kB URL GET HTTP/2 cdn.ampproject.org/v0/amp-iframe-0.1.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE
ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT
File type ASCII text, with very long lines (25617)
Hash fb8604daeeb470e73c46ceae8c84c1b2
173ce838eb3d3f92968b7222913a204a8d52898d
7b83967bf7b0fcf33883d699614c0a968a4f3b8487314f384d38a6ddcd0bd665
GET /v0/amp-iframe-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 8919
date: Tue, 28 Nov 2023 10:36:35 GMT
expires: Tue, 28 Nov 2023 10:36:35 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "09e72aa6a2134a2c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syairsidney.biz/asset/font/ArimoReg.ttf
404 Not Found 708 B URL GET HTTP/2 syairsidney.biz/asset/font/ArimoReg.ttf
IP
ASN #133752 Leaseweb Asia Pacific pte. ltd.
Certificate IssuerLet's Encrypt
Subjectsyairsidney.biz
FingerprintC8:BA:79:67:21:7B:35:B2:E0:80:E2:F3:17:06:F7:7C:88:4D:8F:6C
ValiditySat, 04 Nov 2023 21:32:37 GMT - Fri, 02 Feb 2024 21:32:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
GET /asset/font/ArimoReg.ttf HTTP/1.1
Host: syairsidney.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Tue, 28 Nov 2023 10:36:35 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
syairsidney.biz/asset/font/RobotoCondensed-Regular.ttf
404 Not Found 708 B URL GET HTTP/2 syairsidney.biz/asset/font/RobotoCondensed-Regular.ttf
IP
ASN #133752 Leaseweb Asia Pacific pte. ltd.
Certificate IssuerLet's Encrypt
Subjectsyairsidney.biz
FingerprintC8:BA:79:67:21:7B:35:B2:E0:80:E2:F3:17:06:F7:7C:88:4D:8F:6C
ValiditySat, 04 Nov 2023 21:32:37 GMT - Fri, 02 Feb 2024 21:32:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
GET /asset/font/RobotoCondensed-Regular.ttf HTTP/1.1
Host: syairsidney.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Tue, 28 Nov 2023 10:36:35 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
727 B URL zerossl.ocsp.sectigo.com/
IP
Hash b0f3019f0b933d918b098685e1546279
c8cc47f233e98d4b750175fa7912248ce70d8e8b
66fa2a2f8b1e550adf14e74c3f69733f402ae9ae9cb773c87a3e98fc03044ede
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 04:53:23 GMT
Expires: Mon, 04 Dec 2023 04:53:22 GMT
Etag: "c8cc47f233e98d4b750175fa7912248ce70d8e8b"
Cache-Control: max-age=497205,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f885def0b503-OSL
zerossl.ocsp.sectigo.com/
727 B URL zerossl.ocsp.sectigo.com/
IP
Hash 86e505cb421f452f196920d8584ff0c7
adb5dc899cea8b7882b8926eb863528a1855dbd5
4969f21425ebf196670e74f5dafedac6e9a8bff95c7b214e9de6ab0463bc943f
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 25 Nov 2023 03:13:17 GMT
Expires: Sat, 02 Dec 2023 03:13:16 GMT
Etag: "adb5dc899cea8b7882b8926eb863528a1855dbd5"
Cache-Control: max-age=318399,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f885d9ef56a5-OSL
zerossl.ocsp.sectigo.com/
727 B URL zerossl.ocsp.sectigo.com/
IP
Hash f74890506acdb34e0029a73960c53479
2c006e44fb355f89a978706bf99990ede7334e78
3b6ed8f61f01c1d1e4d04b185cea14da8b2523aff91d80105f5f29e7fcdb1ef4
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 12:13:33 GMT
Expires: Mon, 04 Dec 2023 12:13:32 GMT
Etag: "2c006e44fb355f89a978706bf99990ede7334e78"
Cache-Control: max-age=523615,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f8861ac0569a-OSL
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash e52b1e5c01e036d1783183fe39268351
3caaba5a1dd30f80bac9239075c335f63b70aa6d
fdff45ad91d36826781e270ecfc8614d5e2fb9e4229a5cb683fb72b1200494ca
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 26 Nov 2023 20:24:45 GMT
Expires: Sun, 03 Dec 2023 20:24:44 GMT
Etag: "3caaba5a1dd30f80bac9239075c335f63b70aa6d"
Cache-Control: max-age=466687,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f885bf597128-OSL
zerossl.ocsp.sectigo.com/
727 B URL zerossl.ocsp.sectigo.com/
IP
Hash 46e4ad9b78243569280e985a69a4e0d9
39238775b73469896057839667e81e5302474b71
edf2dfbbfa3b5a58665b8319e061af11ed4d358a8ed9de40217c6b7da2ad9ae3
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 25 Nov 2023 07:30:17 GMT
Expires: Sat, 02 Dec 2023 07:30:16 GMT
Etag: "39238775b73469896057839667e81e5302474b71"
Cache-Control: max-age=333819,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f88718557128-OSL
zerossl.ocsp.sectigo.com/
727 B URL zerossl.ocsp.sectigo.com/
IP
Hash a0274c8a0376e1fbc323e91cc52d07eb
994c8d5aa5f0f056c397e146332272d5743fecb1
66d8488eb37572d08fd2ec52fee197ba0f896e7c8e212d84f2f2abf58e69f97d
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 17:47:22 GMT
Expires: Mon, 04 Dec 2023 17:47:21 GMT
Etag: "994c8d5aa5f0f056c397e146332272d5743fecb1"
Cache-Control: max-age=543644,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f8867a9856a5-OSL
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash e8b837800c5de809c5b1bd58af53aaa5
bc3c29b8ec5ac50b31e68b8734232e5348486573
72df82f618bb92198a5bf5e8c821bf14b7267f2f171804b50adceb46f0d1f8c8
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 20:04:05 GMT
Expires: Mon, 04 Dec 2023 20:04:04 GMT
Etag: "bc3c29b8ec5ac50b31e68b8734232e5348486573"
Cache-Control: max-age=551847,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f88798ab7128-OSL
zerossl.ocsp.sectigo.com/
727 B URL zerossl.ocsp.sectigo.com/
IP
Hash 74b3ee58f77d4e722ec2dad8bd7811e2
634a3c940a3427b0a0af60be340f810624dd5b33
ab71536c81adebc575623c1b6b46396ee22808d8bfcb3d2aaaca2eb8b0c6aa0b
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 15:44:14 GMT
Expires: Mon, 04 Dec 2023 15:44:13 GMT
Etag: "634a3c940a3427b0a0af60be340f810624dd5b33"
Cache-Control: max-age=536256,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f885da7056b7-OSL
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash 09723a1cab6ce8ad3e0dcb939beaba54
305d508862802e18fcd3657d82041613f77d80fa
a01496841ecc1e73855cbfab33ebb2958fa04c84bb7c2f1e9bb10d593432a3ab
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sat, 25 Nov 2023 13:15:04 GMT
Expires: Sat, 02 Dec 2023 13:15:03 GMT
Etag: "305d508862802e18fcd3657d82041613f77d80fa"
Cache-Control: max-age=354506,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f8866f93b503-OSL
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash a677d69abd5f26d6f53a2aff8675bb19
cb7b90a662fcda7d20c8adf8946e102086a2277d
642f605162794794758473ceaee4cb1294c7898a3013d5cc35e86cbf52adaedc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 26 Nov 2023 12:33:28 GMT
Expires: Sun, 03 Dec 2023 12:33:27 GMT
Etag: "cb7b90a662fcda7d20c8adf8946e102086a2277d"
Cache-Control: max-age=438410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f8887938b503-OSL
cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
200 OK 3.0 kB URL GET HTTP/2 cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE
ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT
File type ASCII text, with very long lines (7690)
Hash 50d01f9355b127adcc090233772bbb1c
66e0ee80cc12c71c6dda77255230c7f207538447
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
GET /rtv/012310301456000/v0/amp-auto-lightbox-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://syairsidney.biz
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2975
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 07:56:29 GMT
expires: Wed, 27 Nov 2024 07:56:29 GMT
cache-control: public, max-age=31536000
etag: "ebb1be4e47c7faed"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 9607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imagizer.imageshack.com/v2/962x271q90/924/57iFB6.png
200 OK 17 kB URL GET HTTP/2 imagizer.imageshack.com/v2/962x271q90/924/57iFB6.png
IP
ASN #20940 Akamai International B.V.
Certificate IssuerLet's Encrypt
Subjectimagizer.imageshack.com
FingerprintE7:74:3C:8A:83:A2:9B:88:81:61:F4:7C:DC:D9:A4:30:B4:02:1E:81
ValidityThu, 28 Sep 2023 19:23:44 GMT - Wed, 27 Dec 2023 19:23:43 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6f9851a10d1290da9f9680689fed0b7f
64ac2827b675f00bcdcc9082de39e01e04cccaa0
6c45d283fddfd625060912083fd6facc6f16fdb7c2b28d9930a3f4dbdb42fc10
GET /v2/962x271q90/924/57iFB6.png HTTP/1.1
Host: imagizer.imageshack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.2.8
content-type: image/webp
content-length: 16812
x-original-response-code: 200
x-original-filesize: 27494
x-origin-fetch-time: 64
x-original-resolution: 962x271
x-imagizer-host: imageshack.imagizer.com
xkey: imageshack.imagizer.com
etag: c4ca4238a0b923820dcc509a6f75849b
x-ops: {"quality":90,"width":962,"height":271}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-cache-hits: 0
access-control-allow-methods: GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS, GET, POST, OPTIONS, GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-credentials: true, true, true
accept-ranges: bytes
x-varnish: 2780481683 2735034540
x-varnish-hits: 27
x-varnish-ip: 38.99.77.34
x-varnish-port: 17001
cache-control: public, max-age=1442712
date: Tue, 28 Nov 2023 10:36:36 GMT
akamai-cache-status: Miss from child, Miss from parent
x-webp: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash fa59a7443f691b790e6ec34eb44e9de8
87c74187891b1a06e9dc5b307db69f77399762a5
ebcde3b43794ab235d8e4b420a21f20f2f00aeb45de97086ba2a33cf151ca970
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 14:09:26 GMT
Expires: Mon, 04 Dec 2023 14:09:25 GMT
Etag: "87c74187891b1a06e9dc5b307db69f77399762a5"
Cache-Control: max-age=530568,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f887cbd356a5-OSL
cdn.ampproject.org/rtv/012310301456000/v0/analytics-vendors/gtag.json
200 OK 926 B URL GET HTTP/2 cdn.ampproject.org/rtv/012310301456000/v0/analytics-vendors/gtag.json
IP
Certificate IssuerGoogle Trust Services LLC
Subjectmisc-sni.google.com
FingerprintE4:33:2C:42:1C:4F:E6:01:93:AD:F1:5F:70:4D:33:1F:3B:5F:AB:DE
ValidityMon, 23 Oct 2023 11:20:02 GMT - Mon, 15 Jan 2024 11:20:01 GMT
File type JSON data\012- , ASCII text, with very long lines (2574), with no line terminators
Hash a5e4bdaaa9f13a15282cbe87c3612bf1
4f77670868217bd6ce11c7434a2e182cb6127a78
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
GET /rtv/012310301456000/v0/analytics-vendors/gtag.json HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syairsidney.biz/
Origin: https://syairsidney.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 926
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 07:23:58 GMT
expires: Fri, 22 Nov 2024 07:23:58 GMT
cache-control: public, max-age=31536000
etag: "6d6741917ac48e11"
content-type: application/json
vary: Accept-Encoding
age: 443558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash 2e38c5713bb4126de3ce1c15394201f2
6b992eda29698939f4d3d7afdeb5210e72794cf3
4e8e0bb5d7351b087cfc617e0eca6d04ea044c7b860604a51fdd24f7e6623cb1
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 22:44:49 GMT
Expires: Mon, 04 Dec 2023 22:44:48 GMT
Etag: "6b992eda29698939f4d3d7afdeb5210e72794cf3"
Cache-Control: max-age=561491,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f887f8fe7128-OSL
www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fsyairsidney.biz
200 OK 699 B URL POST HTTP/2 www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fsyairsidney.biz
IP
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type JSON data\012- , ASCII text, with very long lines (1289), with no line terminators
Hash 3ad1db910bff425e032ab75be1912e56
690c14bdc5b13780cb35677963c74707d3798963
78abdeabda1102af1ad9c46f3c2ca91527f55f2b5a068f25c546b7223215cb36
POST /gtag/amp?__amp_source_origin=https%3A%2F%2Fsyairsidney.biz HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syairsidney.biz/
Content-Type: text/plain;charset=utf-8
Content-Length: 231
Origin: https://syairsidney.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://syairsidney.biz
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: https://syairsidney.biz
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="amp.json"
content-encoding: br
vary: *
date: Tue, 28 Nov 2023 10:36:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash 1f477a13b4699b95053a048faf82ae35
00f4cb2d23c1b36fdb2b44cede8d7c8a54427da4
656e06e698d6fb4ceb94798d37ccf2831ad98dab158a4fa8fb925dad0b937d52
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 10:59:59 GMT
Expires: Mon, 04 Dec 2023 10:59:58 GMT
Etag: "00f4cb2d23c1b36fdb2b44cede8d7c8a54427da4"
Cache-Control: max-age=519201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f887fc5056b7-OSL
zerossl.ocsp.sectigo.com/
728 B URL zerossl.ocsp.sectigo.com/
IP
Hash 6c2e1ba516a85c1121a45e648da182ac
fc2bf77630d787dc8987d1da453c7c423015d77e
2c4330c8386b519862a0dc0e59c786f1ab03580bae3104f23d627259a29e4648
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Nov 2023 10:36:37 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 26 Nov 2023 03:37:34 GMT
Expires: Sun, 03 Dec 2023 03:37:33 GMT
Etag: "fc2bf77630d787dc8987d1da453c7c423015d77e"
Cache-Control: max-age=406256,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82d1f8867b10569a-OSL
139.59.118.12/sydney/Bocoran-Syair-Sydney-18-November-2023-Hari-Sabtu-Dari-Langit.png?cache=003225
200 OK 359 kB URL GET HTTP/1.1 139.59.118.12/sydney/Bocoran-Syair-Sydney-18-November-2023-Hari-Sabtu-Dari-Langit.png?cache=003225
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject139.59.118.12
FingerprintC7:F2:11:19:37:F3:88:8A:06:87:B3:09:DF:98:35:D2:A7:66:78:B9
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type PNG image data, 768 x 842, 8-bit/color RGB, non-interlaced\012- data
Size 359 kB (359385 bytes)
Hash b7f9d67603b7055acdc8d450fda72c34
68dfd46d654d9dbd92efab72e779e8ec259f1212
a9a64af432065ae1f2d2bd56fdd880dd8e0492c96eeb48232edf057959132975
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sydney/Bocoran-Syair-Sydney-18-November-2023-Hari-Sabtu-Dari-Langit.png?cache=003225 HTTP/1.1
Host: 139.59.118.12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 359385
Last-Modified: Fri, 17 Nov 2023 06:59:16 GMT
Connection: keep-alive
ETag: "65570f44-57bd9"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
128.199.87.240/suhu_sdy/Syair-Prediksi-Suhu-Togel-SDY-29-November-2023-Hari-Rabu.jpg
200 OK 156 kB URL GET HTTP/1.1 128.199.87.240/suhu_sdy/Syair-Prediksi-Suhu-Togel-SDY-29-November-2023-Hari-Rabu.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject128.199.87.240
Fingerprint91:64:77:BD:0E:1E:4B:BC:6B:05:E7:BF:E0:F0:86:49:56:9B:88:59
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 768x842, components 3\012- data
Size 156 kB (155577 bytes)
Hash c52b55ac62ba52f2b0a358f361c7d29a
2daa7d480a1e65824d64587a16c994cc7fec429d
c37c42d345049decc0dc27d2cfc05f9668ec3d948d27f0e8448e765c83189fe0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /suhu_sdy/Syair-Prediksi-Suhu-Togel-SDY-29-November-2023-Hari-Rabu.jpg HTTP/1.1
Host: 128.199.87.240
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/jpeg
Content-Length: 155577
Last-Modified: Tue, 28 Nov 2023 07:08:28 GMT
Connection: keep-alive
ETag: "656591ec-25fb9"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
159.223.51.74/prediksi-sdy/Prediksi-Togelers-SDY-29-November-2023-Hari-Rabu.jpg
200 OK 84 kB URL GET HTTP/1.1 159.223.51.74/prediksi-sdy/Prediksi-Togelers-SDY-29-November-2023-Hari-Rabu.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject159.223.51.74
FingerprintE8:F4:24:3D:97:04:79:B8:39:A3:AA:1C:FA:BF:CE:4A:E0:C3:1A:E9
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1250x800, components 3\012- data
Hash fcf633fa4caf355bcb4933335c1301d7
560752fca71539d2381baafb43996f5047943775
b25b329aef20c0db391459b9631fd54a7502aded4acbf7b87eace6399a4b791c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /prediksi-sdy/Prediksi-Togelers-SDY-29-November-2023-Hari-Rabu.jpg HTTP/1.1
Host: 159.223.51.74
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/jpeg
Content-Length: 83806
Last-Modified: Tue, 28 Nov 2023 07:16:33 GMT
Connection: keep-alive
ETag: "656593d1-1475e"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
200 OK 149 kB URL User Request GET HTTP/2 IP
ASN #133752 Leaseweb Asia Pacific pte. ltd.
Certificate IssuerLet's Encrypt
Subjectsyairsidney.biz
FingerprintC8:BA:79:67:21:7B:35:B2:E0:80:E2:F3:17:06:F7:7C:88:4D:8F:6C
ValiditySat, 04 Nov 2023 21:32:37 GMT - Fri, 02 Feb 2024 21:32:36 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (491), with CRLF line terminators
Size 149 kB (149336 bytes)
Hash e420f49902b46daf2964e72dc4d82c27
433146e64de31ca9a5ffd8fd080f3a9e4b40a838
d50c5bfed858a1f846271fe04e2923ca25b6635f7438ae2abc874a7d640c6cc7
GET / HTTP/1.1
Host: syairsidney.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Tue, 28 Nov 2023 10:36:34 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
178.128.222.42/eyang-sydney/Prediksi-Jitu-Sydney-Hari-Ini-Rabu-29-November-2023.png
200 OK 735 kB URL GET HTTP/1.1 178.128.222.42/eyang-sydney/Prediksi-Jitu-Sydney-Hari-Ini-Rabu-29-November-2023.png
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject178.128.222.42
Fingerprint9D:BF:1D:BC:D3:99:B1:DC:49:72:BC:ED:6B:11:5F:86:C1:32:2B:DF
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type PNG image data, 768 x 842, 8-bit/color RGB, non-interlaced\012- data
Size 735 kB (734865 bytes)
Hash f457c360a1f1b204a12f9d43e0fdc9aa
d21e0c138acd2a2efc7f808f137a9a23d2793a1a
e9bc00e913a4d7d0f33b16d2a581af7a8fc15aa3c274006dda0cef602c8fca7e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /eyang-sydney/Prediksi-Jitu-Sydney-Hari-Ini-Rabu-29-November-2023.png HTTP/1.1
Host: 178.128.222.42
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 734865
Last-Modified: Tue, 28 Nov 2023 07:16:47 GMT
Connection: keep-alive
ETag: "656593df-b3691"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
146.190.81.76/syair-sydney/Kode-Syair-Sydney-29-November-2023-Hari-Rabu.png
200 OK 736 kB URL GET HTTP/1.1 146.190.81.76/syair-sydney/Kode-Syair-Sydney-29-November-2023-Hari-Rabu.png
IP
Certificate IssuerZeroSSL
Subject146.190.81.76
Fingerprint86:FD:4C:19:B3:BF:D4:43:7D:09:D8:29:47:0C:BF:53:6E:EE:FF:1D
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 833 x 533, 8-bit/color RGB, non-interlaced\012- data
Size 736 kB (736398 bytes)
Hash d3e9719c34a2727ae85a8d5676873a47
86efbe95fa2ddf431ad107359c71948251c5830f
272746c35ecf2d11b30489f775a72b0aee0084bc414512e5c01445404051db7e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /syair-sydney/Kode-Syair-Sydney-29-November-2023-Hari-Rabu.png HTTP/1.1
Host: 146.190.81.76
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 736398
Last-Modified: Tue, 28 Nov 2023 07:16:41 GMT
Connection: keep-alive
ETag: "656593d9-b3c8e"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
128.199.149.215/prediksi-sdy/Bocoran-Syair-Togel-Sydney-Tanggal-29-November-2023-Hari-Rabu.png
200 OK 256 kB URL GET HTTP/1.1 128.199.149.215/prediksi-sdy/Bocoran-Syair-Togel-Sydney-Tanggal-29-November-2023-Hari-Rabu.png
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject128.199.149.215
Fingerprint29:0E:62:98:F8:70:17:2B:2D:1A:42:4A:8E:31:2A:F2:64:22:DD:28
ValidityFri, 29 Sep 2023 00:00:00 GMT - Thu, 28 Dec 2023 23:59:59 GMT
File type PNG image data, 768 x 842, 8-bit/color RGB, non-interlaced\012- data
Size 256 kB (255739 bytes)
Hash 95016aa91ac0f58e01b17443282e4834
04786211204c11cf0c296a59ecbec0457785fe4d
13844765b2ea0ca8b3b97b2de24d33a431e0d6371678ddc5634294b16fdbfcb2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /prediksi-sdy/Bocoran-Syair-Togel-Sydney-Tanggal-29-November-2023-Hari-Rabu.png HTTP/1.1
Host: 128.199.149.215
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 255739
Last-Modified: Tue, 28 Nov 2023 07:09:38 GMT
Connection: keep-alive
ETag: "65659232-3e6fb"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
165.232.161.43/angka-main-sdy/Prediksi-Syair-Sydney-Hari-Ini-Rabu-29-November-2023.png
200 OK 685 kB URL GET HTTP/1.1 165.232.161.43/angka-main-sdy/Prediksi-Syair-Sydney-Hari-Ini-Rabu-29-November-2023.png
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject165.232.161.43
Fingerprint5F:25:98:EC:A7:DB:99:29:75:F4:F1:A5:58:C0:FB:AF:D5:C3:FC:C6
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type PNG image data, 768 x 842, 8-bit/color RGB, non-interlaced\012- data
Size 685 kB (685352 bytes)
Hash 167b511e214aaf4a0dbeb3b7bc82ec87
bc0cb43cecceb21c3173c4094c323664da8afb38
c06da52a205051baa86d4e0d614e860198f87387dd9502a374003856b94f397f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /angka-main-sdy/Prediksi-Syair-Sydney-Hari-Ini-Rabu-29-November-2023.png HTTP/1.1
Host: 165.232.161.43
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 685352
Last-Modified: Tue, 28 Nov 2023 07:16:57 GMT
Connection: keep-alive
ETag: "656593e9-a7528"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
157.245.62.208/monster-sdy/Kode-Monster-SDY-Hari-Selasa-28-November-2023.jpg
200 OK 127 kB URL GET HTTP/1.1 157.245.62.208/monster-sdy/Kode-Monster-SDY-Hari-Selasa-28-November-2023.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject157.245.62.208
FingerprintCF:4A:B9:7B:84:D4:ED:00:9F:46:BB:4D:9D:7F:72:98:C8:66:33:2B
ValidityMon, 02 Oct 2023 00:00:00 GMT - Sun, 31 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 73x73, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 768x842, components 3\012- data
Size 127 kB (126620 bytes)
Hash 398cb2b7edbabe76ecf53c2375023643
6acd92e02ac5b9e3d1ddfeb86092f28bca9fe599
c2027cae18a34a66d61d45e30f0eddf15a2c217fee15fe521e2938b50aed2e2d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /monster-sdy/Kode-Monster-SDY-Hari-Selasa-28-November-2023.jpg HTTP/1.1
Host: 157.245.62.208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/jpeg
Content-Length: 126620
Last-Modified: Mon, 27 Nov 2023 07:05:59 GMT
Connection: keep-alive
ETag: "65643fd7-1ee9c"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
167.172.80.220/sydney/Rumus-Prediksi-Sydney-Togel-Hari-Ini-Rabu-29-November-2023.png
200 OK 468 kB URL GET HTTP/1.1 167.172.80.220/sydney/Rumus-Prediksi-Sydney-Togel-Hari-Ini-Rabu-29-November-2023.png
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject167.172.80.220
Fingerprint81:8F:8A:AB:35:8C:62:20:AE:A2:CE:2E:B9:8E:21:78:0B:E1:1B:FD
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type PNG image data, 833 x 533, 8-bit/color RGB, non-interlaced\012- data
Size 468 kB (468424 bytes)
Hash 62e3eb86e5cc6ce87dfa2bca9dbb4800
e63543bc7a288348491a47cf37460163dbcc4541
928e5e0064f15efb4d7cb98ea99cd8f4d523b26fca005ec476d3ad285ed4061b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sydney/Rumus-Prediksi-Sydney-Togel-Hari-Ini-Rabu-29-November-2023.png HTTP/1.1
Host: 167.172.80.220
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 468424
Last-Modified: Tue, 28 Nov 2023 07:14:11 GMT
Connection: keep-alive
ETag: "65659343-725c8"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
146.190.81.73/prediksi-togel-sydney/Forum-Syair-Togel-Sydney-29-November-2023-Hari-Rabu.png
200 OK 675 kB URL GET HTTP/1.1 146.190.81.73/prediksi-togel-sydney/Forum-Syair-Togel-Sydney-29-November-2023-Hari-Rabu.png
IP
Certificate IssuerZeroSSL
Subject146.190.81.73
Fingerprint3C:FC:29:D3:35:8B:C3:72:E3:39:2C:81:E8:42:EC:84:FD:A2:D3:34
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 768 x 842, 8-bit/color RGB, non-interlaced\012- data
Size 675 kB (675421 bytes)
Hash d5a2597f25e6be0fbe81e73ea87b9565
17a03d8634703914c586ed3728735ff00a27f1e8
de647617c33e7f6c5a39f0497afb5ab1ebd855e4d3257a9db035a76251f528a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /prediksi-togel-sydney/Forum-Syair-Togel-Sydney-29-November-2023-Hari-Rabu.png HTTP/1.1
Host: 146.190.81.73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 675421
Last-Modified: Tue, 28 Nov 2023 07:16:02 GMT
Connection: keep-alive
ETag: "656593b2-a4e5d"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
146.190.81.68/prediksi-dewa-sydney/Prediksi-Keluaran-Sydney-Rabu-29-November-2023-Terjitu.png
200 OK 466 kB URL GET HTTP/1.1 146.190.81.68/prediksi-dewa-sydney/Prediksi-Keluaran-Sydney-Rabu-29-November-2023-Terjitu.png
IP
Certificate IssuerZeroSSL
Subject146.190.81.68
Fingerprint64:FE:A3:CA:25:20:69:CF:91:4F:62:93:FE:83:8E:07:19:C7:86:85
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 1250 x 800, 8-bit/color RGB, non-interlaced\012- data
Size 466 kB (466163 bytes)
Hash ec2c178c182fa9c23919aa15bc7a9cd1
6497980a5de25c478a58111afe5464898d0b98b1
57a14f8d82448e46544f367033040d44bf29c8f31255f1c560e5302f8cda3a50
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /prediksi-dewa-sydney/Prediksi-Keluaran-Sydney-Rabu-29-November-2023-Terjitu.png HTTP/1.1
Host: 146.190.81.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/png
Content-Length: 466163
Last-Modified: Tue, 28 Nov 2023 07:13:18 GMT
Connection: keep-alive
ETag: "6565930e-71cf3"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
146.190.81.66/prediksi-sdy/Prediksi-SYDNEY-29-November-2023-Hari-Rabu.png
200 OK 636 kB URL GET HTTP/1.1 146.190.81.66/prediksi-sdy/Prediksi-SYDNEY-29-November-2023-Hari-Rabu.png
IP
Certificate IssuerZeroSSL
Subject146.190.81.66
FingerprintFD:8B:2F:20:D0:65:A9:08:A9:AD:82:C0:5A:4C:44:B2:BB:CF:70:80
ValiditySun, 05 Nov 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT
File type PNG image data, 1250 x 800, 8-bit/color RGB, non-interlaced\012- data
Size 636 kB (635693 bytes)
Hash 0bf3098fd43e4bb9586f73db8e495e3f
c632b52fa27b9552f6fd5f5b733a473a8ca4b5fc
9ad07637433a6a0793d12798623b70b897143528d1bcaac26c4e2b42c1bb4a1d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /prediksi-sdy/Prediksi-SYDNEY-29-November-2023-Hari-Rabu.png HTTP/1.1
Host: 146.190.81.66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:37 GMT
Content-Type: image/png
Content-Length: 635693
Last-Modified: Tue, 28 Nov 2023 07:13:41 GMT
Connection: keep-alive
ETag: "65659325-9b32d"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
206.189.92.174/prediksi-sydney/Kode-Syair-Sydney-29-November-2023-Hari-Rabu-TerGAIB.png
200 OK 713 kB URL GET HTTP/1.1 206.189.92.174/prediksi-sydney/Kode-Syair-Sydney-29-November-2023-Hari-Rabu-TerGAIB.png
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject206.189.92.174
FingerprintA3:9C:7B:6E:73:A8:06:CB:1F:93:EE:6A:AF:0C:D2:C9:06:1D:D8:8F
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type PNG image data, 768 x 842, 8-bit/color RGB, non-interlaced\012- data
Size 713 kB (713188 bytes)
Hash a1b467914c247405d4241acd107dab17
2f31de6657a04164d838023078eb63211141b933
977b7c8f049ded444ab0a10a1892c36d077f327582d580f24cfeade037675b1a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /prediksi-sydney/Kode-Syair-Sydney-29-November-2023-Hari-Rabu-TerGAIB.png HTTP/1.1
Host: 206.189.92.174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:37 GMT
Content-Type: image/png
Content-Length: 713188
Last-Modified: Tue, 28 Nov 2023 07:13:54 GMT
Connection: keep-alive
ETag: "65659332-ae1e4"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
imagizer.imageshack.com/v2/32x32q90/923/XBb4VS.png
200 OK 1.1 kB URL GET HTTP/2 imagizer.imageshack.com/v2/32x32q90/923/XBb4VS.png
IP
ASN #20940 Akamai International B.V.
Certificate IssuerLet's Encrypt
Subjectimagizer.imageshack.com
FingerprintE7:74:3C:8A:83:A2:9B:88:81:61:F4:7C:DC:D9:A4:30:B4:02:1E:81
ValidityThu, 28 Sep 2023 19:23:44 GMT - Wed, 27 Dec 2023 19:23:43 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 601eb33dfc31fd6e14d9cb6f4119537c
fca0871a5b6829060b68423ffe3363361f4b202d
264c879263219eb037363c8b7c6a92da0391ba106734a2bb24d5dad43e06b3da
GET /v2/32x32q90/923/XBb4VS.png HTTP/1.1
Host: imagizer.imageshack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.2.8
content-type: image/webp
content-length: 1076
x-original-response-code: 200
x-original-filesize: 2357
x-origin-fetch-time: 89
x-original-resolution: 32x32
x-imagizer-host: imageshack.imagizer.com
xkey: imageshack.imagizer.com
etag: c4ca4238a0b923820dcc509a6f75849b
x-ops: {"quality":90,"width":32,"height":32}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN
x-cache-hits: 0
access-control-allow-methods: GET, POST, OPTIONS, HEAD, GET, POST, OPTIONS, GET, POST, OPTIONS, GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length,X-Original-Filesize,X-Original-Resolution,X-CSRF-TOKEN, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
access-control-allow-credentials: true, true, true
accept-ranges: bytes
x-varnish: 1351304175 1329048236
x-varnish-hits: 6
x-varnish-ip: 38.99.77.70
x-varnish-port: 17001
cache-control: public, max-age=2044104
date: Tue, 28 Nov 2023 10:36:38 GMT
akamai-cache-status: Miss from child, Miss from parent
x-webp: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
178.128.85.129/captain-sdy/Prediksi-Captain-Paito-SDY-Rabu-29-November-2023-Terjitu.jpg
200 OK 144 kB URL GET HTTP/1.1 178.128.85.129/captain-sdy/Prediksi-Captain-Paito-SDY-Rabu-29-November-2023-Terjitu.jpg
IP
ASN #14061 DIGITALOCEAN-ASN
Certificate IssuerZeroSSL
Subject178.128.85.129
Fingerprint57:29:16:D1:7C:76:26:DD:7E:39:DB:52:78:AD:00:64:15:1A:E6:AB
ValidityThu, 09 Nov 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 998x639, components 3\012- data
Size 144 kB (144262 bytes)
Hash 86c33e4ef52b415a0b18f87669f1b173
363170f2ffb91686b9abe2b4577d408edafbc49b
28ab1d56eb6afd815233452861a8aef5fd091106f5655a5fc79ec0f0eeaed6b1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /captain-sdy/Prediksi-Captain-Paito-SDY-Rabu-29-November-2023-Terjitu.jpg HTTP/1.1
Host: 178.128.85.129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syairsidney.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 28 Nov 2023 10:36:36 GMT
Content-Type: image/jpeg
Content-Length: 144262
Last-Modified: Tue, 28 Nov 2023 07:16:13 GMT
Connection: keep-alive
ETag: "656593bd-23386"
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Accept-Ranges: bytes
172.96.185.183
178.128.222.42
142.250.74.97
104.18.38.233
95.101.11.32