r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17189
Expires: Fri, 04 Nov 2022 13:25:26 GMT
Date: Fri, 04 Nov 2022 08:38:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: max-age=95515
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:38:58 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 11:10:53 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2842f538168981f07b56e2c69379841a
0cc4ad0a78c1407bc9b7850eb0fb1a02130e3b22
3f9e8fb02409a19ceb54fee3f0f7f73eeed9e0ad63fa778eac7b3e4633d7d682
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: max-age=95515
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:38:58 GMT
Etag: "63638a5c-1d7"
Expires: Sat, 05 Nov 2022 11:10:53 GMT
Last-Modified: Thu, 03 Nov 2022 09:31:08 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 078950c3ba9ad01927f3da494b1d1de4
443c8a8247e4e3e04c14d21e0227fc4e8f396142
dd5dd09fec51669adf36b3014bbf65d7bff608f72018d037f9ed9b414675037c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD5DD09FEC51669ADF36B3014BBF65D7BFF608F72018D037F9ED9B414675037C"
Last-Modified: Fri, 04 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17231
Expires: Fri, 04 Nov 2022 13:26:09 GMT
Date: Fri, 04 Nov 2022 08:38:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DhUk7Lk+zgdF/Nus+vprU4K/Gwi9DU6ua0XIff4/fPG3xaSyEFxh0KeN8q+iDIcwc4fdTnCxbaA=
x-amz-request-id: 09CMZE2GXEV6W5XN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 08:09:31 GMT
age: 1767
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 08:38:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kabaruntukrakyat.com/
173.82.58.74 200 OK 11 kB IP 173.82.58.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 6ce10f6e1f8bbb3bf1c4d2e64a6011d9
e9b115d23f6ab23e62ea593379f6026414c1ef33
cd0833740a28f87f375c3eb1a51a175d0d4e5ab5e3363752b581c627bf8d9f55
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
link: <https://kabaruntukrakyat.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
content-length: 10928
date: Fri, 04 Nov 2022 08:38:58 GMT
server: LiteSpeed
connection: Keep-Alive
fonts.googleapis.com/css?family=Saira+Semi+Condensed%3A400%2C700&ver=6.1
142.250.74.10 200 OK 470 B URL HTTP/1.1 fonts.googleapis.com/css?family=Saira+Semi+Condensed%3A400%2C700&ver=6.1
IP 142.250.74.10:0
Hash 8d169c8345b1de8031970c3f0a524c19
08f89bcd054029ab8e470346172e79300d6f8668
803760cfc0bdd3a7472961127eed9b0af43738feac044dfc7170002f96ca8cf8
GET /css?family=Saira+Semi+Condensed%3A400%2C700&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 04 Nov 2022 08:38:58 GMT
Date: Fri, 04 Nov 2022 08:38:58 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMerriweather%3A700%2C400%2C700i&ver=6.1
142.250.74.10 200 OK 944 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMerriweather%3A700%2C400%2C700i&ver=6.1
IP 142.250.74.10:0
Hash 64044a07f6e5045e3a5577f6daf38dbf
af7cb02ab41f08a2788735a8401892bb091b49b3
a2ed5012edccba163b6e8ca6674bd28530fa1cf3597d39b1241c64f4efe5bb58
GET /css?family=Open+Sans%3A300%2C400%2C600%2C700%7CMerriweather%3A700%2C400%2C700i&ver=6.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 04 Nov 2022 08:38:58 GMT
Date: Fri, 04 Nov 2022 08:38:58 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f1ec2926e63a926e5dfe7996043dda5f
b419c8aaafba305f568303f348cdafd6f250faf6
a102485c0952b52761e8c577c8c7b0b93a322fc51ffb24ab297bb3ec7ddae814
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 670d0b2f341e8ff1e4ee9fe4fe21e210
dcd277daebf63623b985a81a96bcdc6a6f67c518
75029ab8db44811ac539aa3e2f1f8e015a45b80cb5a1099cec7d64e55e2a72a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2794
Cache-Control: max-age=87264
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:38:58 GMT
Etag: "63637698-1d7"
Expires: Sat, 05 Nov 2022 08:53:22 GMT
Last-Modified: Thu, 03 Nov 2022 08:06:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
kabaruntukrakyat.com/wp-includes/css/classic-themes.min.css?ver=1
173.82.58.74 200 OK 189 B URL HTTP/1.1 kabaruntukrakyat.com/wp-includes/css/classic-themes.min.css?ver=1
IP 173.82.58.74:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:58 GMT
etag: "d9-636257aa-1552fc;gz"
last-modified: Wed, 02 Nov 2022 11:42:34 GMT
content-type: text/css
accept-ranges: bytes
date: Fri, 04 Nov 2022 08:38:58 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
kabaruntukrakyat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
173.82.58.74 200 OK 12 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (47826)
Hash fb2b333f74a0a19f777cd2d155b973e7
220323e41b0644c082648973b5b9a7d0ec627dfc
63848829c7ce5c1e0a74b89feb3b63cdc0746be6da3edba081865bc1972dc8fa
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:58 GMT
etag: "17265-636257aa-19563d;gz"
last-modified: Wed, 02 Nov 2022 11:42:34 GMT
content-type: text/css
content-length: 12505
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:58 GMT
server: LiteSpeed
connection: Keep-Alive
www.googletagmanager.com/gtag/js?id=UA-235927499-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-235927499-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash fd50681970832dbe190df53339b48c37
1d8ccb1f27978607cdc2d0142d2e3d059f93bc16
8f0716f9a109937bb174179738c3b9787ed6e8a17dc4e58e5e99bc8962aaf323
GET /gtag/js?id=UA-235927499-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:58 GMT
expires: Fri, 04 Nov 2022 08:38:58 GMT
cache-control: private, max-age=900
last-modified: Fri, 04 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f1ec2926e63a926e5dfe7996043dda5f
b419c8aaafba305f568303f348cdafd6f250faf6
a102485c0952b52761e8c577c8c7b0b93a322fc51ffb24ab297bb3ec7ddae814
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:38:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/owl.carousel.min.css?ver=6.1
173.82.58.74 200 OK 1.1 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/owl.carousel.min.css?ver=6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (3184)
Hash 8864ff6a1198eecf45821c602593ff9a
c6097cea47ac44fcec94781f2af0110cb677ab0a
19eaae3fdfe574cd1b1cfd78d30633a4527bde9711dde88b467fe43ca854cda5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/css/owl.carousel.min.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "d17-62e2792f-1b3ede;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: text/css
content-length: 1068
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/style.css?ver=6.1
173.82.58.74 200 OK 11 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/style.css?ver=6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (1248)
Hash f4799c7519e69c5267d6d07a8f6bc99e
abbaf4e86dc7cf95758f427c654273dd4379ab4a
5375b6be0ec1f0258e7a3587b3a3b3d1f0068a935ca9eec6aa8878aa3aad5720
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/style.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:58 GMT
etag: "b9e2-62e2792f-1b3ebd;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: text/css
content-length: 10623
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:58 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
173.82.58.74 200 OK 4.2 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 173.82.58.74:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "2bd8-5fb4e3fe-1b32b3;gz"
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-type: application/x-javascript
content-length: 4169
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/foundation.css?ver=6.1
173.82.58.74 200 OK 21 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/foundation.css?ver=6.1
IP 173.82.58.74:0
File type Unicode text, UTF-8 text, with very long lines (318)
Hash 3eb45f6136f828088b476e7d5c9d884a
7e8ce1742c8d7a27a5e76f4442dbfe635aeca124
422ffe4a4e8ec26e9d3cbb18aa381827145b6632505e645e23d738b1eca2f857
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/css/foundation.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:58 GMT
etag: "2774b-62e2792f-1b3ee3;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: text/css
content-length: 20790
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:58 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/seo-writers-blogily/style.css?ver=6.1
173.82.58.74 200 OK 10 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/seo-writers-blogily/style.css?ver=6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (1815)
Hash 52cb8379b3a8b56aebc1d840bae29933
eb3196f0f01f745d67208f6cb2628941ec43bec6
16ed775a0070dabad94dd4f9b1b726da6d8d1ee28218ef75f0be522e4666c67b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/seo-writers-blogily/style.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "b14b-62e2792e-1945bc;gz"
last-modified: Thu, 28 Jul 2022 11:55:26 GMT
content-type: text/css
content-length: 10101
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
push.services.mozilla.com/
52.43.61.95 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KcO3G/mRXsRA7RbVe/ntjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ayOQe3+nQSRhmFVk5DH152eHMsA=
kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/navigation.js?ver=20151215
173.82.58.74 200 OK 1.1 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/navigation.js?ver=20151215
IP 173.82.58.74:0
Hash 7eec6995203e3994a2714c41a388df66
99c08555971c9962b5ade2806e05ed29d0f00258
040c47ba29f4c8eefa8d359cd715eadc0888aa080ce6187a23b8eb8852bc54b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/js/navigation.js?ver=20151215 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "b97-62e2792f-1b3ece;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: application/x-javascript
content-length: 1094
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/skip-link-focus-fix.js?ver=20151215
173.82.58.74 200 OK 417 B URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/skip-link-focus-fix.js?ver=20151215
IP 173.82.58.74:0
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "2ad-62e2792f-1b3ecd;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: application/x-javascript
content-length: 417
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/custom.js?ver=1.0.0
173.82.58.74 200 OK 633 B URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/custom.js?ver=1.0.0
IP 173.82.58.74:0
Hash 835a9b368907454d1e0d285ef1f9252a
28d31b3581f072dedc4c2a08c73a8321151292aa
27045f7047391852d74b0dd810f6f3250a055098897f8231f65b81aacd2808e9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/js/custom.js?ver=1.0.0 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "6ea-62e2792f-1b3ec8;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: application/x-javascript
content-length: 633
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
173.82.58.74 200 OK 31 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (65447)
Hash 2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "15e54-636257aa-1b32bb;gz"
last-modified: Wed, 02 Nov 2022 11:42:34 GMT
content-type: application/x-javascript
content-length: 31038
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/accessibility.js?ver=20151215
173.82.58.74 200 OK 591 B URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/accessibility.js?ver=20151215
IP 173.82.58.74:0
File type HTML document, ASCII text
Hash aba5fbde7ab859e8d4dad024d0106fc2
3001cf8d70874b08cfc56126c967a55d1d54f178
78ce875acca54bf8f70adea8e71d6d927363bb9905f4810e8ee23fee4b5b7073
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/js/accessibility.js?ver=20151215 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "5cf-62e2792f-1b3eca;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: application/x-javascript
content-length: 591
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.0.4
173.82.58.74 200 OK 2.1 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.0.4
IP 173.82.58.74:0
File type ASCII text, with very long lines (3550)
Hash e5de143c5fd84a07bc78ab7e3e7f8ee6
0dea4abce0cb661d6b3603701ba39fbfbd094933
1d83a8b9f31d713a5b5401dce5109e3b60646296a22172f03f41a21fa5d41513
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/featured-image-from-url/includes/html/js/image.js?ver=4.0.4 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "1cab-62e27a50-1954f2;gz"
last-modified: Thu, 28 Jul 2022 12:00:16 GMT
content-type: application/x-javascript
content-length: 2129
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
173.82.58.74 200 OK 5.0 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "48b9-62551487-1b3d2b;gz"
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
content-type: application/x-javascript
content-length: 5004
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/owl.theme.default.css?ver=6.1
173.82.58.74 200 OK 562 B URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/owl.theme.default.css?ver=6.1
IP 173.82.58.74:0
Hash df584ee4925e96f3ec6b6b1936217fd2
e0455d30a5ec2823440cb351e90edc0e0d2b63b4
43932fc896a4dd698b5fc075748fb2a7e5e812d3dfaeabd91dd0bc63510c402e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/css/owl.theme.default.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "564-62e2792f-1b3ee2;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: text/css
content-length: 562
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/font-awesome.min.css?ver=6.1
173.82.58.74 200 OK 7.1 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/css/font-awesome.min.css?ver=6.1
IP 173.82.58.74:0
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/css/font-awesome.min.css?ver=6.1 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "7918-62e2792f-1b3ee4;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: text/css
content-length: 7050
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfcddabb01a352f9385ff26c42aa9ba5
3342a60bb155fbf113dff0ccaa428a02992bd84a
716ebbff283470c943eb87a01649646e06c5be3b2cc908c1bf61649768a1b6c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4881
Cache-Control: max-age=146929
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:38:59 GMT
Etag: "63645783-1d7"
Expires: Sun, 06 Nov 2022 01:27:48 GMT
Last-Modified: Fri, 04 Nov 2022 00:06:27 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
cdn.mos.cms.futurecdn.net/2tEMvcqAqrPqzxRRGpKhgT-1200-80.jpg
8.254.252.212 200 OK 84 kB URL HTTP/2 cdn.mos.cms.futurecdn.net/2tEMvcqAqrPqzxRRGpKhgT-1200-80.jpg
IP 8.254.252.212:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x675, components 3\012- data
Hash 056334ec2bf6543339518fdb00d70847
00753919dc8e20850395f32b7f8d036b59999035
998914344f38400e3089a760345e2873326b370ccce71a6b5c01f63cccd0eb96
GET /2tEMvcqAqrPqzxRRGpKhgT-1200-80.jpg HTTP/1.1
Host: cdn.mos.cms.futurecdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 08:38:59 GMT
content-type: image/jpeg
content-length: 84173
cache-control: max-age=5184000
etag: 1f50da1e5e528e6b838821964f0ce63e
expires: Sun, 01 Jan 2023 15:08:40 GMT
server: Footprint Distributor V6.1.1162
vary: Origin
x-backend: default
x-ftr-backend: mos_kodiak
x-ftr-backend-server: kube
x-ftr-balancer: bulkproxyprodred
x-ftr-cache-status: MISS
x-ftr-dc: IX
x-ftr-realm: pip
x-ftr-request-id: 00000000:6948_00000000:0050_636287F8_29F01A:21BF
x-served-by: kodiak-varnish-54bd596566-qprg4
x-svc-build-time: Mon Oct 24 11:30:23 UTC 2022
x-svc-env: prod
x-svc-go-version: 1.17.8
x-svc-name: kodiak-mos-adapter-svc
x-svc-version: latest
xkey: /proof/2tEMvcqAqrPqzxRRGpKhgT.jpg
age: 149419
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
216.58.207.195 200 OK 20 kB URL HTTP/1.1 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kabaruntukrakyat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19740
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 31 Oct 2022 21:20:56 GMT
Expires: Tue, 31 Oct 2023 21:20:56 GMT
Cache-Control: public, max-age=31536000
Age: 299883
Last-Modified: Tue, 26 Apr 2022 15:48:38 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kabaruntukrakyat.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 31 Oct 2022 21:39:49 GMT
Expires: Tue, 31 Oct 2023 21:39:49 GMT
Cache-Control: public, max-age=31536000
Age: 298750
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/vendor/foundation.js?ver=6
173.82.58.74 200 OK 78 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/js/vendor/foundation.js?ver=6
IP 173.82.58.74:0
File type ASCII text, with very long lines (564)
Hash 16322b5893b227987b8ea8c1da3bcedb
c0bdb264275779489f442b99dc87fb591d8392e4
ab69c0d050be9184c78da2fd182e427091ed5533f3b81fcd8a5585135b390570
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/js/vendor/foundation.js?ver=6 HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "66571-62e2792f-1b3ec6;gz"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: application/x-javascript
content-length: 77643
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
assets-varnish.triblive.com/2022/11/5584968_web1_5584968-4f952a0785d043bd9dc18541d6d77267.jpg
172.67.5.59 200 OK 42 kB URL HTTP/2 assets-varnish.triblive.com/2022/11/5584968_web1_5584968-4f952a0785d043bd9dc18541d6d77267.jpg
IP 172.67.5.59:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, baseline, precision 8, 640x427, components 3\012- data
Hash b3e0a117e58c447e3c4e67e4fa07c091
81e5043ab866340bbc7329d250a67972858fca1f
f7733067d44e25a28cdda6a8df18da9c840aaa3dbb8e54cc0dc737069e2d7cd8
GET /2022/11/5584968_web1_5584968-4f952a0785d043bd9dc18541d6d77267.jpg HTTP/1.1
Host: assets-varnish.triblive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 08:38:59 GMT
content-type: image/jpeg
content-length: 41800
last-modified: Wed, 02 Nov 2022 12:05:16 GMT
etag: "b3e0a117e58c447e3c4e67e4fa07c091"
cache-control: max-age=31536000
expires: Thu, 02 Nov 2023 12:05:15 GMT
x-amz-version-id: yJMqyotubPtSdvXVTtvDrvAbdPp05UaX
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N7rarWAhBFTychzlPjO9yn-RXs0h7d72En3EnPbhgy3GdfeauMuWdw==
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 764c095e5a1eb517-OSL
X-Firefox-Spdy: h2
a3.espncdn.com/combiner/i?img=/photo/2022/0412/r998516_1296x729_16-9.jpg
23.36.76.89 200 OK 81 kB URL HTTP/2 a3.espncdn.com/combiner/i?img=/photo/2022/0412/r998516_1296x729_16-9.jpg
IP 23.36.76.89:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1296x729, components 3\012- data
Hash a5ae64370cd83ccf5d2085f75358eab5
83a548be0c15dcb6384ef4b7f7676dfe9c14710e
c7d3c7a8b1696fec5e0320bbfcebc18aa8266230bbf0c0cadb1c3401765bdd68
GET /combiner/i?img=/photo/2022/0412/r998516_1296x729_16-9.jpg HTTP/1.1
Host: a3.espncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 10:07:13 GMT
access-control-allow-origin: *
content-type: image/jpeg
accept-ranges: bytes
content-length: 80793
cache-control: max-age=82763
expires: Sat, 05 Nov 2022 07:38:22 GMT
date: Fri, 04 Nov 2022 08:38:59 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6997026c21d5e7a312bfaacfb9e01ec7
cd205beebad6fb15461aa1fab350954d7c2af5d9
7764d5a0ded1122c1fc72447c4837621bf086c0ee42b1472c57090eb452464af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7764D5A0DED1122C1FC72447C4837621BF086C0EE42B1472C57090EB452464AF"
Last-Modified: Wed, 02 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9184
Expires: Fri, 04 Nov 2022 11:12:03 GMT
Date: Fri, 04 Nov 2022 08:38:59 GMT
Connection: keep-alive
ca-times.brightspotcdn.com/dims4/default/c7e1b14/2147483647/strip/true/crop/5760x3024%200%20148/resize/1200x630!/quality/80/?url=https://california-times-brightspot.s3.amazonaws.com/a7/dd/3cebd51b4a53994e9c05fe212b0b/1184832-et-becky-g-latin-issue-04.jpg
216.137.44.69 200 OK 100 kB URL HTTP/2 ca-times.brightspotcdn.com/dims4/default/c7e1b14/2147483647/strip/true/crop/5760x3024%200%20148/resize/1200x630!/quality/80/?url=https://california-times-brightspot.s3.amazonaws.com/a7/dd/3cebd51b4a53994e9c05fe212b0b/1184832-et-becky-g-latin-issue-04.jpg
IP 216.137.44.69:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, baseline, precision 8, 1200x630, components 3\012- data
Size 100 kB (100110 bytes)
Hash ffc2b5ae8d8ef9e9697f606c15d0f942
cfec3339abd808cbadf3e70b9aa5d4aa17ed2c98
9e073d502d0785b38e2d6c1ced90afd33913e2c26612a7882889d92f2e616ef2
GET /dims4/default/c7e1b14/2147483647/strip/true/crop/5760x3024%200%20148/resize/1200x630!/quality/80/?url=https://california-times-brightspot.s3.amazonaws.com/a7/dd/3cebd51b4a53994e9c05fe212b0b/1184832-et-becky-g-latin-issue-04.jpg HTTP/1.1
Host: ca-times.brightspotcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 100110
cache-control: max-age=31536000, public
date: Fri, 04 Nov 2022 07:39:53 GMT
edge-control: downstream-ttl=31536000
etag: cd71f7e1b1880a7e7c3e817bf3b06bf4
expires: Sat, 04 Nov 2023 07:39:54 GMT
server: Apache
x-robots-tag: nofollow
x-cache: Hit from cloudfront
via: 1.1 2f776eb8784339c430e14ec7520b4944.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rkUb2Wa71f7EG5KuUmZ5KmcYJlryVW-of3bduyFDJZOXy44NVMWzJQ==
age: 3545
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash c789348db07016a2990e6bd75e618b27
31e6be464975bf99028bd1def768297c282c9822
00aba076142c40e9b37ba800702d5fac6cab51fa7d5dd3ce0d117b2346cf196a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114361
Date: Fri, 04 Nov 2022 08:38:59 GMT
Etag: "6363d21b-1d7"
Expires: Sat, 05 Nov 2022 16:25:00 GMT
Last-Modified: Thu, 03 Nov 2022 14:37:15 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 1a6cd18714da9809fa8cb07ad66fd4f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: 48tGgLIFuzTBVPCkt6KShqAkchzjYiU6F88_Oa4ptLPUwZ2uy-iXCA==
Age: 6465
images.foxtv.com/static.fox5dc.com/www.fox5dc.com/content/uploads/2022/10/1280/720/baby-3.jpg?ve=1&tl=1
151.101.86.132 200 OK 38 kB URL HTTP/2 images.foxtv.com/static.fox5dc.com/www.fox5dc.com/content/uploads/2022/10/1280/720/baby-3.jpg?ve=1&tl=1
IP 151.101.86.132:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 15c12520ccbe0f16194f5fd3260a6f6d
605616fcc2b3bd9cbc85153a6cb12c748139dfce
3b115dbe92b4deac2b0ae46ea9380d5c97ea7c6f409e48a95db89d026ad1d30a
GET /static.fox5dc.com/www.fox5dc.com/content/uploads/2022/10/1280/720/baby-3.jpg?ve=1&tl=1 HTTP/1.1
Host: images.foxtv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=2592000, public
content-type: image/webp
etag: "2GnLIrIwWoJ56egSmd4FgM7GCvFxi9VqMzzNobG7rxw"
fastly-io-info: ifsz=388205 idim=1280x720 ifmt=jpeg ofsz=37936 odim=1280x720 ofmt=webp
fastly-restarts: 1
fastly-stats: io=1
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
date: Fri, 04 Nov 2022 08:38:59 GMT
age: 212263
x-served-by: cache-iad-kiad7000030-IAD, cache-iad-kiad7000037-IAD, cache-bma1629-BMA
x-cache: HIT, MISS, MISS
x-cache-hits: 1, 0, 0
x-timer: S1667551140.647297,VS0,VE278
vary: Accept
strict-transport-security: max-age=300
content-length: 37936
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bb4588b762971158776ae34a4975bf2f
11e6d35d9715766643c7139c6aa63d40b7000dda
97657e93e828f2aa0cc37f60cace7a3094233aa42a3ac0860b8063aa1f880695
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97657E93E828F2AA0CC37F60CACE7A3094233AA42A3AC0860B8063AA1F880695"
Last-Modified: Wed, 02 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14393
Expires: Fri, 04 Nov 2022 12:38:53 GMT
Date: Fri, 04 Nov 2022 08:39:00 GMT
Connection: keep-alive
kabaruntukrakyat.com/wp-content/themes/writers-blogily/inc/starter_content/img/customizer-header-image.jpg
173.82.58.74 200 OK 447 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-content/themes/writers-blogily/inc/starter_content/img/customizer-header-image.jpg
IP 173.82.58.74:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=455, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1125], baseline, precision 8, 1600x453, components 3\012- data
Size 447 kB (446607 bytes)
Hash 93c965f873b7f2c9ade644673d8ca9ff
ccd9a9a7340cf385c6339270579d1ba0f8abb38a
53e1506553ee40fcab96d2c3de13ba9a89a4fdb8d465bb5e7b0ac284e86c22ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/writers-blogily/inc/starter_content/img/customizer-header-image.jpg HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:38:59 GMT
etag: "6d08f-62e2792f-1b3ef7;;;"
last-modified: Thu, 28 Jul 2022 11:55:27 GMT
content-type: image/jpeg
content-length: 446607
accept-ranges: bytes
date: Fri, 04 Nov 2022 08:38:59 GMT
server: LiteSpeed
connection: Keep-Alive
aws-wwcloud.net/async/?id=hby2rh6k7ehfs26rrkbf16f5i7na72nf
146.0.77.131 200 OK 177 B URL HTTP/1.1 aws-wwcloud.net/async/?id=hby2rh6k7ehfs26rrkbf16f5i7na72nf
IP 146.0.77.131:0
File type PNG image data, 1 x 1, 4-bit colormap, non-interlaced\012- data
Hash a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /async/?id=hby2rh6k7ehfs26rrkbf16f5i7na72nf HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kabaruntukrakyat.com
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.1
Date: Fri, 04 Nov 2022 08:39:00 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=viqb7pf9tv736l4ivnb5hcp8v0; path=/
_subid=s8hnpa71dpn4; expires=Sat, 05-Nov-2022 08:39:00 GMT; path=/; domain=.aws-wwcloud.net
fcada=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM2MFwiOjE2Njc1NTExNDB9LFwiY2FtcGFpZ25zXCI6e1wiMjJcIjoxNjY3NTUxMTQwfSxcInRpbWVcIjoxNjY3NTUxMTQwfSJ9.O-tMw3_HYaStz3RxYdO_dhRs9FQ4lM6CJcZHdJPoBUc; expires=Sat, 05-Nov-2022 08:39:00 GMT; path=/; domain=.aws-wwcloud.net
Strict-Transport-Security: max-age=31536000;
cdn.hoopsrumors.com/files/2021/11/Eric-Bledsoe-900x600.jpg
194.242.11.186 200 OK 78 kB URL HTTP/2 cdn.hoopsrumors.com/files/2021/11/Eric-Bledsoe-900x600.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 900x600, components 3\012- data
Hash 2aabd377b610bb2a1ea0540155588844
936819a2d3400632b3813943fa7b568fcf812c3c
77aa4a7588268cd93866ebf4cbfbd220ebba31e6489bc266b04a55c5c466ed35
GET /files/2021/11/Eric-Bledsoe-900x600.jpg HTTP/1.1
Host: cdn.hoopsrumors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 04 Nov 2022 08:39:00 GMT
content-type: image/jpeg
content-length: 77715
server: BunnyCDN-NO-830
cdn-pullzone: 158623
cdn-uid: f15c75ec-7809-4d49-86e7-cc317f769297
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
etag: "6193a276-12f93"
last-modified: Tue, 16 Nov 2021 12:22:14 GMT
x-environment: Staging
x-uri: /files/2021/11/Eric-Bledsoe-900x600.jpg
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/04/2022 08:39:00
cdn-edgestorageid: 830
link: <https://www.hoopsrumors.com/files/2021/11/Eric-Bledsoe-900x600.jpg>; rel="canonical"
cdn-status: 200
cdn-requestid: 3e2a92314008a63f46d744ebeee03906
cdn-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 04 Nov 2022 06:41:09 GMT
expires: Fri, 04 Nov 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 7071
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 229ca4fd93701e7cbcec5121c9a8aea5
a1508d718b555385766b9cc44878fb8255df56d5
0e54a0f56277b6d214000418390e96bb10e27024d844d2cd3806c3523a8e081f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-2C68EMVCPZ&gtm=2oeb20&_p=982945049&gdid=dZTNiMT&cid=481492290.1667551139&ul=en-us&sr=1280x1024&_s=1&sid=1667551138&sct=1&seg=0&dl=http%3A%2F%2Fkabaruntukrakyat.com%2F&dt=Kabar%20Untuk%20Rakyat%20%E2%80%93%20WEB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2C68EMVCPZ&gtm=2oeb20&_p=982945049&gdid=dZTNiMT&cid=481492290.1667551139&ul=en-us&sr=1280x1024&_s=1&sid=1667551138&sct=1&seg=0&dl=http%3A%2F%2Fkabaruntukrakyat.com%2F&dt=Kabar%20Untuk%20Rakyat%20%E2%80%93%20WEB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2C68EMVCPZ&gtm=2oeb20&_p=982945049&gdid=dZTNiMT&cid=481492290.1667551139&ul=en-us&sr=1280x1024&_s=1&sid=1667551138&sct=1&seg=0&dl=http%3A%2F%2Fkabaruntukrakyat.com%2F&dt=Kabar%20Untuk%20Rakyat%20%E2%80%93%20WEB&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kabaruntukrakyat.com
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://kabaruntukrakyat.com
date: Fri, 04 Nov 2022 08:39:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9689639060189261
142.250.74.34 200 OK 56 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9689639060189261
IP 142.250.74.34:0
File type ASCII text, with very long lines (2776)
Hash 23f62b1618d4d7d81141677ff3128e13
990151c1287b3e98a5d5d9b39279334980c71bb3
99c7e45b31445cafabee024a0d03527f71c66fec5ed18ffd6fee4e1ebc600bcf
GET /pagead/js/adsbygoogle.js?client=ca-pub-9689639060189261 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kabaruntukrakyat.com
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 04 Nov 2022 08:39:00 GMT
expires: Fri, 04 Nov 2022 08:39:00 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 683190019981431767
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 229ca4fd93701e7cbcec5121c9a8aea5
a1508d718b555385766b9cc44878fb8255df56d5
0e54a0f56277b6d214000418390e96bb10e27024d844d2cd3806c3523a8e081f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17403
Expires: Fri, 04 Nov 2022 13:29:03 GMT
Date: Fri, 04 Nov 2022 08:39:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17403
Expires: Fri, 04 Nov 2022 13:29:03 GMT
Date: Fri, 04 Nov 2022 08:39:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17403
Expires: Fri, 04 Nov 2022 13:29:03 GMT
Date: Fri, 04 Nov 2022 08:39:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17403
Expires: Fri, 04 Nov 2022 13:29:03 GMT
Date: Fri, 04 Nov 2022 08:39:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17403
Expires: Fri, 04 Nov 2022 13:29:03 GMT
Date: Fri, 04 Nov 2022 08:39:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I6mALhsUwtQqMP_p_HxFaiCyfRDTtVzPIJjeDrKSEq7Tc_d5EcNw3Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:00 GMT
age: 38760
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: w5Nv6yf06dCHv6q9wt8-guOfQSMywfZFoXxwWvcLc9FtdwgRIqPcUQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 18:32:15 GMT
age: 50805
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178fad61-d3ee-4517-8b79-a9952a3fff8a.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178fad61-d3ee-4517-8b79-a9952a3fff8a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c67d8f51aff77b24d8cb3fd9ec479813
ebf192d282f763c6220d8d83423b4c1cb76332a1
941bab2bc237c080c6364198d3a183e5b513f72533c98b931b4503476f92e395
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F178fad61-d3ee-4517-8b79-a9952a3fff8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 1f8c3db7-e6e5-4503-a865-1a2407d91ada
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0XYGP_oAMFvnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364342f-66953a9f6f31915c375fd6ab;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1vWc25iNyC4YygyUrZFKyk6DkYdFr2SibxZEfUzQ53ZEGp9VKgloNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:51:37 GMT
age: 38843
etag: "ebf192d282f763c6220d8d83423b4c1cb76332a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e2c2868516a60c335361ccef89c6090
b71b29860aca017ac124fb4037cec5dc3101474e
3ac5d5410a9d31317c2f31fe3e08cdb188e26bfffce5275b85cce986f2841d22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3559
x-amzn-requestid: 63f00dbe-834f-4fbb-91c0-5e5378dc48aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0SvEOaIAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643411-43380b3457de631756afdb81;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aJvfSrMGHDPyvjiAKHpqxfv7u4JNottpvAEcRBvmZ51qmQb9ucUEdA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:09 GMT
age: 38751
etag: "b71b29860aca017ac124fb4037cec5dc3101474e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c472942cb4b85610a3e83edf7527f923
8191eb019b21bed2b9f53c755e1c24d08dc70760
0dc7f9902567b0130c1c34b6e356b8239f8e6c83e1d38ac9b74588270000279c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10810
x-amzn-requestid: 85c9096f-2671-4f0e-94a3-607254d036d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC057E5yIAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364350c-3c93b6e56e6141a63d1285eb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:39:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Rr6GO1Bb6pdxYxNFuwmG2Srs9uGM7tOTffgnyWys0zDjGCDrONRxUA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:00 GMT
etag: "8191eb019b21bed2b9f53c755e1c24d08dc70760"
content-type: image/jpeg
age: 38760
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c5889c4-d0fb-4545-94b4-f16b26e61aa2.webp
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c5889c4-d0fb-4545-94b4-f16b26e61aa2.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 214b020ed417fbc4785b92f2bdb98834
57eed480ede736a0a948e9bd7c604427a8acf8a2
4228512d040b122d6e5d50418c507edeedbef4aee2fbb0a952da270734ece18f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c5889c4-d0fb-4545-94b4-f16b26e61aa2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8084
x-amzn-requestid: 2d0c493a-5c15-415e-a9d3-516c03b11dd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0WwGueIAMF--w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364342b-4d68f618620e18050704340e;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fSwsKH1erxART-SQu0L7QcUoKiGiSkFNu-no6OvsVFJMHu4yOUdAGg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 22:10:40 GMT
age: 37700
etag: "57eed480ede736a0a948e9bd7c604427a8acf8a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a644ddcaf2f9fe6164915e985675d450
4725d446ea8dcd7d79d35e01f2a8a1406cc6aca3
d2806d80997c9999e65cc65b10d0efac04e0160edfe4e84376a5de166c0afe8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
216.58.207.194 200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 8c05c6bb1f4ff9495a769b3fe6b30e69
b6a42681e93ca0e24b67613de3a84e90a840b4d5
dc30ec15d443d8a4d2999daf5632a81da250387edb355e82a53e2166d90d984c
GET /pagead/html/r20221101/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 03 Nov 2022 18:00:32 GMT
expires: Thu, 17 Nov 2022 18:00:32 GMT
cache-control: public, max-age=1209600
age: 52708
etag: 2424782735605397694
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a644ddcaf2f9fe6164915e985675d450
4725d446ea8dcd7d79d35e01f2a8a1406cc6aca3
d2806d80997c9999e65cc65b10d0efac04e0160edfe4e84376a5de166c0afe8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 0417bec301af6407f5bc67afbd80ad38
318d6685ef160cb831e04d20186189e1dfd667df
30b17749ed29c95bfd5132e28ee08fa3b53731674f5c3a625952db94313aa281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kabaruntukrakyat.com/favicon.ico
173.82.58.74 302 Found 0 B URL HTTP/1.1 kabaruntukrakyat.com/favicon.ico
IP 173.82.58.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Cookie: _ga_2C68EMVCPZ=GS1.1.1667551138.1.0.1667551138.0.0.0; _ga=GA1.1.481492290.1667551139
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
link: <https://kabaruntukrakyat.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: http://kabaruntukrakyat.com/wp-includes/images/w-logo-blue-white-bg.png
content-length: 0
date: Fri, 04 Nov 2022 08:39:00 GMT
server: LiteSpeed
connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 131c7090b83892c62eb57cfbddad9082
9e295e5490562d657fd0d35a1b8f4e4e2eaf8471
e72c487fa6f0ec7920830ef7c8e19fccd140c738474db96919610ea11f4111ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 667755b7a91dcaf6e0742e6dadbca816
19c3ab166e7a4c47eb95c928e852e7bef6fac5d0
accb77411cf4ebd4338954ccbe530aa549200a9fc2fa454c647e0906108b3718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=kabaruntukrakyat.com&callback=_gfp_s_&client=ca-pub-9689639060189261&gpid_exp=1
172.217.21.162 200 OK 259 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=kabaruntukrakyat.com&callback=_gfp_s_&client=ca-pub-9689639060189261&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (407), with no line terminators
Hash 7721c76da7925d626b270cac56171369
723bc1591fe7b5ad16ddb0cc19015f7e268b0baa
4e59cd736b841e131724746a566e292e23e1cf0da4718214298843bf80e85db9
GET /gampad/cookie.js?domain=kabaruntukrakyat.com&callback=_gfp_s_&client=ca-pub-9689639060189261&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 04 Nov 2022 08:39:00 GMT
server: cafe
cache-control: private
content-length: 259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=kabaruntukrakyat.com
142.250.74.66 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=kabaruntukrakyat.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kabaruntukrakyat.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 04 Nov 2022 08:39:00 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=kabaruntukrakyat.com
142.250.74.2 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=kabaruntukrakyat.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=kabaruntukrakyat.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 04 Nov 2022 08:39:00 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 0417bec301af6407f5bc67afbd80ad38
318d6685ef160cb831e04d20186189e1dfd667df
30b17749ed29c95bfd5132e28ee08fa3b53731674f5c3a625952db94313aa281
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 131c7090b83892c62eb57cfbddad9082
9e295e5490562d657fd0d35a1b8f4e4e2eaf8471
e72c487fa6f0ec7920830ef7c8e19fccd140c738474db96919610ea11f4111ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 667755b7a91dcaf6e0742e6dadbca816
19c3ab166e7a4c47eb95c928e852e7bef6fac5d0
accb77411cf4ebd4338954ccbe530aa549200a9fc2fa454c647e0906108b3718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 7de7bda0705ecab1e42f80b4483b6c6b
21ac90867fd4cce7337c9257e7872e77f0bedfee
e6c62e343ae4ae6e998dd6d7dc6eed0763ec93963c371a15133f9f8cf1e7e776
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kabaruntukrakyat.com/wp-includes/images/w-logo-blue-white-bg.png
173.82.58.74 200 OK 4.1 kB URL HTTP/1.1 kabaruntukrakyat.com/wp-includes/images/w-logo-blue-white-bg.png
IP 173.82.58.74:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: kabaruntukrakyat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://kabaruntukrakyat.com/
Connection: keep-alive
Cookie: _ga_2C68EMVCPZ=GS1.1.1667551138.1.0.1667551138.0.0.0; _ga=GA1.2.481492290.1667551139; _gid=GA1.2.1990948457.1667551139; _gat_gtag_UA_235927499_1=1; __gads=ID=3797e57eb9134fcf-2252697567ce007b:T=1667551140:RT=1667551140:S=ALNI_MYK1h8iA2RY5oJPDQEsPm4_tE4Piw; __gpi=UID=00000b7c84a3274c:T=1667551140:RT=1667551140:S=ALNI_Maw46bQKn8No0lETxq_H6QKhgoJNQ
HTTP/1.1 200 OK
cache-control: public, max-age=43200
expires: Fri, 04 Nov 2022 20:39:00 GMT
etag: "1017-6192f571-1594f0;;;"
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
content-type: image/png
content-length: 4119
accept-ranges: bytes
date: Fri, 04 Nov 2022 08:39:00 GMT
server: LiteSpeed
connection: Keep-Alive
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 04 Nov 2022 08:39:00 GMT
expires: Fri, 04 Nov 2022 08:39:00 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33 200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (2020)
Hash MD5 f530c16b248be97e10df228df6a41c24
SHA-1 ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
SHA-256 f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 07:26:35 GMT
expires: Sat, 04 Nov 2023 07:26:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4345
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash MD5 4e07861c1447376729f17ea09b72ca90
SHA-1 dd3f1d68fd87b4ba20c03e2f31ddc6a294b38cd3
SHA-256 d8953ad7676624da5b08bc21e4e68a647a636709f5fc9c4b0a4e8914f37adfc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 08:39:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash MD5 4c8b79bf9d23e5570d6c9f47cd791e24
SHA-1 769a917bc2cfe1f785e288414849165ff00d354d
SHA-256 8f2f35fc0049eeb8313c0cf4fc909c5b2922e0bfeafeda493e4f9fa585cb48d5
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kabaruntukrakyat.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 04 Nov 2022 08:39:01 GMT
date: Fri, 04 Nov 2022 08:39:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-VAwo1M843mwHY-R7wQFrmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2