Report - calonkreator.my.id/

Report Overview

Submitted URL
calonkreator.my.id/
IP
172.67.210.210
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-02 21:40:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
blogger.googleusercontent.com	16485	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	586 B	8.8 kB	142.250.74.33
ylx-i.advertica-cdn2.com	193063	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	685 B	185.66.200.127
calonkreator.my.id	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	774 B	1.3 kB	172.67.210.210
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	65.9.86.7
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.162.110.205
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
udbaa.com	380419	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	1.9 kB	185.66.200.220
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.effectivedisplayformats.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	808 B	21 kB	192.243.59.13
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	943 B	65.9.84.225
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	830 B	52.29.95.124
selfemployedbalconycane.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.4 kB	173.233.137.52
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	65.9.86.94
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.7 kB	93.184.220.29
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	968 B	24 kB	216.58.207.195
ebaaa.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	820 B	316 B	185.66.201.8
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	12 kB	23.36.76.226
www.blogger.com	8975	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	58 kB	216.58.207.201
dictatepantry.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.4 kB	173.233.137.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-02	medium	effectivedisplayformats.com	Sinkholed
2022-10-02	medium	effectivedisplayformats.com	Sinkholed
2022-10-02	medium	dictatepantry.com	Sinkholed
2022-10-02	medium	selfemployedbalconycane.com	Sinkholed
2022-10-02	medium	dictatepantry.com	Sinkholed
2022-10-02	medium	selfemployedbalconycane.com	Sinkholed

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.calonkreator.my.id/	1.8 kB	2023-03-07	2023-10-21
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:18 Last Seen2023-10-21 08:14:44 Times Seen7 Hash b0e1a729504b41cbdad4e2ac51fedd13 1a3fbc13a0405093c92fb384e9bd74b4b6f0d0e8 1c1549772274faa6c12b4c286e1bc481988bd1e5fa6371c936f7dd091dd50ee5 Loading...

	www.calonkreator.my.id/	275 B	2023-03-07	2024-04-25
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-25 11:11:42 Times Seen57395 Hash 38ee2f6ddbe8a478e5795030e72ba35d d332319b04b273e3b9a93ffa22ba9036d59b8e99 97d98978d5864e77cd83bd79a0d31ced40631a6134a154e8f049bcc20f49a319 Loading...

	www.calonkreator.my.id/	168 B	2023-03-07	2024-04-18
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:47 Last Seen2024-04-18 09:53:40 Times Seen169 Hash be224d7e09b97c73d5d5baf21a04fc28 b5a979acf127200ea2899c1ad1c80fe19f002be0 0db9eb6805c1583e1a7ade0907531cdba75713994816123c142fb97bab996c23 Loading...

	www.calonkreator.my.id/js/cookienotice.js	6.5 kB	2023-03-07	2024-04-25
Pretty URL www.calonkreator.my.id/js/cookienotice.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-04-25 11:11:43 Times Seen113506 Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Loading...

	www.calonkreator.my.id/	557 B	2023-03-08	2024-04-18
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2024-04-18 09:53:40 Times Seen22 Hash 29d4177507fb181ec05eae19c59c6d08 39ad4e7c7fdc4b901992e3df3b1b6330612fc33c a61af39405a61cd5fdde55f7f4e8dd21a15e06ea716539fb4f6d77bd2eb2bf0f Loading...

	udbaa.com/bnr.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1	437 B	2023-03-08	2023-03-08
Pretty URL udbaa.com/bnr.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1 IP 185.66.200.220 ASN #201702 skHosting.eu s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 3366b1e7fdbaaca37a2ba08771a9fdde 0810824ae1b8497b69ace83e6cc2976d041b7a3b 5f3b0155f745db915da9ed0d6eaf0b7c4df925076cf3388ca844beed40b8683a Loading...

	www.calonkreator.my.id/	789 B	2023-03-07	2024-02-13
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:24 Last Seen2024-02-13 16:43:35 Times Seen49861 Hash 0699fb3015610319b1639f47466451f0 5f4d8a4022f3a687921d7b3dce01cfc5bd62248f 2443e5c9c4ba5a75e030860f998bcf800907b0d4b3c4017999c2ed7ac84eeefa Loading...

	www.blogger.com/static/v1/widgets/2377718498-widgets.js	158 kB	2023-03-08	2023-03-08
Pretty URL www.blogger.com/static/v1/widgets/2377718498-widgets.js IP 216.58.207.201 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:58:33 Last Seen2023-03-08 05:59:06 Times Seen1 Hash 82d5aabdc0a35d962bdd82e66a2ccbb4 a8fdef93598462d109eddb0d2b5659fcdb7e4822 909893d68ea8d0c35f69220c227cafa4f44c7c40270b4545369cbc19abf16e0b Loading...

	www.effectivedisplayformats.com/82d8600ec7181d6a816aee1a86635cc4/invoke.js	27 kB	2023-03-08	2023-03-08
Pretty URL www.effectivedisplayformats.com/82d8600ec7181d6a816aee1a86635cc4/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:31:30 Last Seen2023-03-08 05:52:18 Times Seen1 Hash 49f7d700cc929e568eb05300220b57a2 35d278477e4299987d7fce5387acc0e921c94104 2a2ed29b6e6f028380118d59823fbf9229c6ad6ba41ec02c2ffe2cf2ad5457f6 Loading...

	ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCdkpirZApACikAAGjCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_16238&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&refferer=4279234485_aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5	1.4 kB	2023-03-08	2023-03-08
Pretty URL ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCdkpirZApACikAAGjCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_16238&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&refferer=4279234485_aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5 IP 185.66.201.8 ASN #201702 skHosting.eu s.r.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash c0f433d06bddba63d4398181f64d636f f80d1bea0ca5ff551752a3363517c396f39d0ddf bc7ec2d8ae21a7c45c18d18f324e4eb37f262ce7a51feb0175cfb84ca3d2b2a9 Loading...

	http:blank	145 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 8a75ddcb48a12ef4bf9f9ed6d4a040d5 40935de30ef37f370bc880efb1f5928402efc8d6 1c51724d0606f45d2d4eb551d4c5b4636d9bc331342ceb1009610def20838ef2 Loading...

	www.effectivedisplayformats.com/f870331c9511e75cee00859efae043b3/invoke.js	27 kB	2023-03-07	2023-03-08
Pretty URL www.effectivedisplayformats.com/f870331c9511e75cee00859efae043b3/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:33:26 Last Seen2023-03-08 06:01:35 Times Seen1 Hash 45c60277653a3c8c59e982194fc2fefe 4ef599ddaf1c8e67eb48829cc5992f452e7733e0 80e41a635dc5f355477e7d5d9b3267e4f36d36c0702545ab84e027d0cb55b8ac Loading...

	www.calonkreator.my.id/	16 kB	2023-03-08	2023-03-08
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 48814887ad43d926c7a4dab6c93ff0b9 9b381ba9f72fc7540cceaf96a7b059d333b8f588 43f8f5a2de73e699b94b407ad1047eeaeb37b7fab53f69526238a7ee71621a66 Loading...

	http:blank	145 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 39588209dd145b01a2505048eb964b28 af11d7414ff9fb6c7e7fc4c995ee3dbf99fe214b 1ca23ff1e2a4cb036be09f35ad83748defdf4ab78f5a4163e3b334606edc6291 Loading...

	www.calonkreator.my.id/	459 B	2023-03-08	2023-03-08
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 7bef3967da85a666ac5804f44ab704ab 0add3e81dbda7284674737f1842b3b14dd1a6d98 d64729d483a40a2b5967e74808c2db667ae6e8ddf176122e1945dafd2f57dbcd Loading...

	www.calonkreator.my.id/	349 B	2023-03-08	2023-03-08
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 73f351151524600a9ed095ab755c1fde 230d527662eec17143981d816793e7cfe9af770d 632efd3025b9327c09a00e4cd00f56fe3c56c062b6abd801c4cd09988fb3d720 Loading...

	www.calonkreator.my.id/	350 B	2023-03-08	2023-03-08
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 6ca8a8cfbf6ed53ac8e36e6e059ffa61 898b1be661a71e049a61da344b3bfefaca0f18cf 5adb541e033f6cbadf3edd8f6309662f7e9dac13a55f60734fd08a96b46f0ca7 Loading...

	www.calonkreator.my.id/	14 kB	2023-03-08	2023-10-15
Pretty URL www.calonkreator.my.id/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:49:28 Last Seen2023-10-15 00:37:55 Times Seen3 Hash 368b0ba7e8639b4ad8239ad8c9b8c674 7931460939bc7e73a93ddbd957542d51dc390c6a eed61cb5c20953751e2963733dc8ca190d933c41c161f43587661f807e9fcf96 Loading...

		Size	First Seen	Last Seen
	#1 Write - 9cad7b38dc077590796f9ce1683d31eb	802 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 9cad7b38dc077590796f9ce1683d31eb d3faed1aba662911f664d4bebbd08b07779f5d42 7744beaf468571e92b2f42111b60cabe2fba1c73658e24ddc7174b382538dbc5 Loading...

	#2 Write - a23a2cb3f8f21bb5bb2ae19523ad6d11	129 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash a23a2cb3f8f21bb5bb2ae19523ad6d11 c2255f0d9b18196ff2d60039eddb36bcc15ffeac 48fab98deb4daf2982a2b8a7aaf13d00cf65c9618902eac8b4db95f6631282e6 Loading...

	#3 Write - 926400d64dd265b8dab15bc155e7b7e4	129 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 926400d64dd265b8dab15bc155e7b7e4 307fc5dc2477d89c6be9880206172f62fdcab5bf af44bdd7c9efd8b0fbe482c4a5b49cc9e91502c60b604a1059f68e05d7703f18 Loading...

	#4 Write - 84366b906f5957c598637cf6e274344d	372 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:49:28 Last Seen2023-03-08 04:49:28 Times Seen1 Hash 84366b906f5957c598637cf6e274344d 56c0515b0d81ef70ef471d663f1d3313a56e56c7 ba6fd168b332eba42ffac8af03d0a342c4da699b67fcf2b425ce8f63d1f60fd8 Loading...

HTTP Transactions (57)

URL IP Response Size

calonkreator.my.id/

172.67.210.210

301 Moved Permanently

0 B

URL HTTP/1.1
calonkreator.my.id/
IP
172.67.210.210:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: calonkreator.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 21:40:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 02 Oct 2022 22:40:13 GMT
Location: https://calonkreator.my.id/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4zKYfxbAOitFE3FnIi9UQVkGSOzW3Gqn135GI2otX%2BJj5F8sRljPHbLQ%2FoceoBDvs9KItJS%2BnNj9aJAFGNiBMpzu0abkpavbNkwcoUm2rdYq5sg9BYkDeI3Onvb0ruDuOWEwAs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754098603ef4b4ed-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

65.9.86.94

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
65.9.86.94:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 21:16:50 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: nBU3QytTxisCaImzXJO8OMFonXA9NVUpnyg3Z7tdhbCHAFLN7koLEw==
Age: 1403

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19377
Expires: Mon, 03 Oct 2022 03:03:10 GMT
Date: Sun, 02 Oct 2022 21:40:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4878836fa734d9ded99ed9aea2e80ea6
96b58ff06ef49a5c980f4bd168076478e5e0a6d7
94d20af20a80ee7700c51f847db136a3a894e863db758895cf5088f4e5f1edb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:13 GMT
Server: ECS (amb/6BA0)
Content-Length: 279

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

65.9.86.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
65.9.86.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: cDXsjC0utr3eC9NloA61EAQMTaV9MNtHvWKyWYH3YYp7GK7JTDsxwg==
age: 58306
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
4878836fa734d9ded99ed9aea2e80ea6
96b58ff06ef49a5c980f4bd168076478e5e0a6d7
94d20af20a80ee7700c51f847db136a3a894e863db758895cf5088f4e5f1edb3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:13 GMT
Last-Modified: Sun, 02 Oct 2022 21:40:13 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

65.9.86.94

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
65.9.86.94:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 21:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 21:45:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e4700eb43d0f5579f360cfc02e71fac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 52DDDj9zipR4hcc3WyHxXgYmwVF8q2y0nUDfuyhb2jVJsoyrd1vxsA==
Age: 641

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6442
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:14 GMT
Last-Modified: Sun, 02 Oct 2022 19:52:53 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

216.58.207.195

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11020, version 1.0\012- data
Size
11 kB (11020 bytes)
Hash
a59072f933169d3f2db497f44ca4cbbe
5789e81a66958aabc7590c1ddd41058335636027
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

HTTP Headers

GET /s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.calonkreator.my.id
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11020
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 00:19:16 GMT
expires: Sat, 30 Sep 2023 00:19:16 GMT
cache-control: public, max-age=31536000
age: 249658
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

216.58.207.195

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11016, version 1.0\012- data
Size
11 kB (11016 bytes)
Hash
15fa3062f8929bd3b05fdca5259db412
6ff06a34f68ad0324ddec1bbe4d453c959178b36
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

HTTP Headers

GET /s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.calonkreator.my.id
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:44:01 GMT
expires: Fri, 29 Sep 2023 16:44:01 GMT
cache-control: public, max-age=31536000
age: 276973
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.162.110.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.110.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o9gOgC8QkGBchtiss0L4Wg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HiAsa3HUfLrLiZ/zboIFZlvfay4=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c934479af13c3610adb14d03367e6dd
9472ffa8be13cd76e5dda4f4e990312b7ea26719
f63bc3767aed93a82146b82ed82672f519331c541d4bcc12e5a17bb0195ffc8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.blogger.com/static/v1/widgets/2377718498-widgets.js

216.58.207.201

200 OK

57 kB

URL HTTP/2
www.blogger.com/static/v1/widgets/2377718498-widgets.js
IP
216.58.207.201:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2221)
Size
57 kB (56828 bytes)
Hash
8f96746073ad2fcd019d09522b056391
1cf378276d2a2da983515524a6a0008429930b73
de94a14d9e5804a0ef1796a9e4779ac912dc4b64516b505667b9e6c405cecc9c

HTTP Headers

GET /static/v1/widgets/2377718498-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 02:14:10 GMT
expires: Fri, 29 Sep 2023 02:14:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Sep 2022 23:52:33 GMT
content-type: text/javascript
age: 329164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c934479af13c3610adb14d03367e6dd
9472ffa8be13cd76e5dda4f4e990312b7ea26719
f63bc3767aed93a82146b82ed82672f519331c541d4bcc12e5a17bb0195ffc8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0a69c15eb2cd48915d8a104b125a037e
8f01e8af6daf5438a7091cf2066484437bc07a05
c4f35df6449f98e852abef991dabab7f083c5c7d26479b471dcd736c7850b18d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4F35DF6449F98E852ABEF991DABAB7F083C5C7D26479B471DCD736C7850B18D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5019
Expires: Sun, 02 Oct 2022 23:03:53 GMT
Date: Sun, 02 Oct 2022 21:40:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
402695e078ea0ecc23b3dafb344da133
0b4e1373bba27bc8c8f453a12ce629188dd3558a
1c97ea36070197499992fea831b043a9f93568766142b5cb0099c3d46f62784b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C97EA36070197499992FEA831B043A9F93568766142B5CB0099C3D46F62784B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1919
Expires: Sun, 02 Oct 2022 22:12:14 GMT
Date: Sun, 02 Oct 2022 21:40:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
15bc725051c324bf4a9f4fad12da6ee6
8a24db1be0e33d5c5b1a7930f89c03a783f3b7a8
03b721e301fa25cd01d578e5f959ee4090c5379aa0b57f81d8f2f265e396df40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B721E301FA25CD01D578E5F959EE4090C5379AA0B57F81D8F2F265E396DF40"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15778
Expires: Mon, 03 Oct 2022 02:03:13 GMT
Date: Sun, 02 Oct 2022 21:40:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
15bc725051c324bf4a9f4fad12da6ee6
8a24db1be0e33d5c5b1a7930f89c03a783f3b7a8
03b721e301fa25cd01d578e5f959ee4090c5379aa0b57f81d8f2f265e396df40

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B721E301FA25CD01D578E5F959EE4090C5379AA0B57F81D8F2F265E396DF40"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15778
Expires: Mon, 03 Oct 2022 02:03:13 GMT
Date: Sun, 02 Oct 2022 21:40:15 GMT
Connection: keep-alive

www.effectivedisplayformats.com/f870331c9511e75cee00859efae043b3/invoke.js

192.243.59.13

200 OK

9.8 kB

URL HTTP/1.1
www.effectivedisplayformats.com/f870331c9511e75cee00859efae043b3/invoke.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Size
9.8 kB (9778 bytes)
Hash
1a2314b58371c0265c49b25b4c54bca4
2dd7aacbd9d892f0c70f0b6640cf1053c07a440b
99be4f8cc513c6ce50294d531da92a93063707b880919a994d07f8864401dabc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /f870331c9511e75cee00859efae043b3/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 21:40:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7cb6fc976fca3317bfa6f602c411a83b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.effectivedisplayformats.com/82d8600ec7181d6a816aee1a86635cc4/invoke.js

192.243.59.13

200 OK

9.8 kB

URL HTTP/1.1
www.effectivedisplayformats.com/82d8600ec7181d6a816aee1a86635cc4/invoke.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26963), with no line terminators
Size
9.8 kB (9787 bytes)
Hash
d793832ee7ee65f36b1e396f287ba0b0
0bd78106d2addc24c9717db274d3433dea5b98a1
9debda0fd30484ec500a9742f156fd88b3d748c05185aac1860744fb88f15cea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /82d8600ec7181d6a816aee1a86635cc4/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 02 Oct 2022 21:40:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e2e664849ef0c33a8a616ddf103894a7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

65.9.84.225

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
65.9.84.225:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
606c558669146ba6d99d416b814455a8
9c49aea5039dcfdf01abba48f538350cf87f05ab
83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 21:40:15 GMT
Last-Modified: Sun, 02 Oct 2022 20:13:07 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: IDTBp2g-B4a-xhOZ4zU66-uqKMKAEmyhGISkfkNlQmur7md_G7yMlw==
Age: 5228

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
feff26617378802ac495bede9dade01e
7789c2f114319a68c5e395d66d0ae4b8e8433d5f
2d66a42f97ab4e60a459c86f8fb887b770f07278ca6f8caac5a0616db8bc76b6

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.calonkreator.my.id
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:40:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.calonkreator.my.id
access-control-allow-credentials: true
set-cookie: uid_id2=75a56852-a15b-457d-827a-672b3558b516:1:1; expires=Wed, 29 Sep 2032 21:40:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

52.29.95.124

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.29.95.124:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
9188bdb8dabfa4ea5b554273708efc88
6abe7865d7ff40ef88a9254f58cfa1b15840b95b
444b806df722bd6b55679ebdf9630f156b4748d4eaf67d2852bd3a21e0c5f28f

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.calonkreator.my.id
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 02 Oct 2022 21:40:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.calonkreator.my.id
access-control-allow-credentials: true
set-cookie: uid_id2=b0f7fd5c-ec94-4dd8-8454-533e108b46a9:2:1; expires=Wed, 29 Sep 2032 21:40:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8602 bytes)
Hash
94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:38 GMT
age: 85598
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
11f2e40823827b62bca89d18ee279cb2
fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38
c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDgmFdlIAMFzQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:54:50 GMT
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38"
content-type: image/jpeg
age: 85526
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6315 bytes)
Hash
206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 61117
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6871 bytes)
Hash
9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
age: 85601
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9340 bytes)
Hash
6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:47:23 GMT
age: 85973
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11083 bytes)
Hash
edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:53:35 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 85601
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

udbaa.com/trk/?9bf01bb130c3564cb556722d92aa5f17

185.66.200.220

200 OK

43 B

URL HTTP/2
udbaa.com/trk/?9bf01bb130c3564cb556722d92aa5f17
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /trk/?9bf01bb130c3564cb556722d92aa5f17 HTTP/1.1
Host: udbaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udbaa.com/show.php?u85251664746815=true&ad=673873&f=300x250&a=395578&cri=0&s=NDcxYjE0YWZmNzM0MTA3MzEzZDM5NzFkMDRlNWM1OTA=&u=186915&si=694312545&di=45801284&ci=16&h=9bf01bb130c3564cb556722d92aa5f17&cc=NO&https=1&useAf=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&ar=aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==
Cookie: used_ad2706771=1; total_impressions=1; cpa_673873=300x250_694312545_0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:16 GMT
content-type: image/gif
content-length: 43
last-modified: Sun, 02 Oct 2022 21:40:16 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43f344eaebf219621e050a596d4934ba
53787d6fc28bbb16e86e0a89bf26db7809c41b2a
113d48a6261923601f751263bcaca1fc0791bedd748072ccedccd4458f128876

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "113D48A6261923601F751263BCACA1FC0791BEDD748072CCEDCCD4458F128876"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4889
Expires: Sun, 02 Oct 2022 23:01:45 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b590a2bb396b6df985401372b563a9e8
dfe4d47b46a6817c88c55ff96d90c5fee897f709
cf748aa3ece7a3db608a7a06e42a285df84086db2db7aae4f599f3d8b96d4c89

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF748AA3ECE7A3DB608A7A06E42A285DF84086DB2DB7AAE4F599F3D8B96D4C89"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10106
Expires: Mon, 03 Oct 2022 00:28:42 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
67fe2eef9b121d0732a89de99546d05a
4a86d50b08b5fc3f4f79c79edead755bca9dcc8a
56b4940eba67082b05c2fb4d68d28c3a88afcd4af17d8eaca87480921b69350d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56B4940EBA67082B05C2FB4D68D28C3A88AFCD4AF17D8EACA87480921B69350D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4488
Expires: Sun, 02 Oct 2022 22:55:04 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
587f71117669eac939dc8f0b6dfb471a
63126f1b8d365a0ce5c1ca9cfd20da7c77e2781e
7b798f6ac56526e6441ac843e82b9000b443cb8970971fbc0f223a1f1304ac76

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B798F6AC56526E6441AC843E82B9000B443CB8970971FBC0F223A1F1304AC76"
Last-Modified: Sat, 01 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2155
Expires: Sun, 02 Oct 2022 22:16:11 GMT
Date: Sun, 02 Oct 2022 21:40:16 GMT
Connection: keep-alive

173.233.137.52

307 Temporary Redirect

0 B

URL HTTP/1.1
dictatepantry.com/watch.37613485377.js?key=f870331c9511e75cee00859efae043b3&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=75a56852-a15b-457d-827a-672b3558b516%3A1%3A1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.37613485377.js?key=f870331c9511e75cee00859efae043b3&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=75a56852-a15b-457d-827a-672b3558b516%3A1%3A1 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.calonkreator.my.id
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 21:40:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.calonkreator.my.id
Access-Control-Allow-Origin: https://www.calonkreator.my.id
Access-Control-Allow-Credentials: true
Location: https://dictatepantry.com/watch.37613485377.js?key=f870331c9511e75cee00859efae043b3&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=75a56852-a15b-457d-827a-672b3558b516%3A1%3A1&shu=68ae2e82f2697f0fa4e3ae8fdeb84eb854c942fc7573e43248cfd1a01234602b9436d1530f64e07d9bb8c7d731b4d0ad147cf1456ac8b9e133f52b2e635392971da36ce80a6464514c8b2b7fcd3d189b4d1c30fae661c7810ccb37e4b05c61c754&pst=1664746876&rmtc=t
Set-Cookie: u_pl=17058179; expires=Mon, 03 Oct 2022 21:40:16 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA1ODE3OSwiayI6ImY4NzAzMzFjOTUxMWU3NWNlZTAwODU5ZWZhZTA0M2IzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NjM1LCJwaWQiOjQ0MTU5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4N3BjN3R5MSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLyJ9fQ.X5qF4XBvJqcYREo3OSGHPZggx58fkrcR4pg7klDfeFk; expires=Sun, 02 Oct 2022 21:41:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb89496c991f01dafbe787b10bd1742a
Strict-Transport-Security: max-age=0; includeSubdomains

173.233.137.52

307 Temporary Redirect

0 B

URL HTTP/1.1
selfemployedbalconycane.com/watch.1627987477442.js?key=82d8600ec7181d6a816aee1a86635cc4&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=b0f7fd5c-ec94-4dd8-8454-533e108b46a9%3A2%3A1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1627987477442.js?key=82d8600ec7181d6a816aee1a86635cc4&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=b0f7fd5c-ec94-4dd8-8454-533e108b46a9%3A2%3A1 HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.calonkreator.my.id
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 21:40:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.calonkreator.my.id
Access-Control-Allow-Origin: https://www.calonkreator.my.id
Access-Control-Allow-Credentials: true
Location: https://selfemployedbalconycane.com/watch.1627987477442.js?key=82d8600ec7181d6a816aee1a86635cc4&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=b0f7fd5c-ec94-4dd8-8454-533e108b46a9%3A2%3A1&shu=5d1fd6bc02683c281092625ca998ae1773d144e055e626f9a6a15cc5fcae7d43e684630d16190fc3ac356389a5dfb6e2d7ae5187b92569550f85050cf93453cf0a9b27907c62068695082988501d1c50f79d28e6e9c48397c3f3f3a919d69bcf4c&pst=1664746876&rmtc=t
Set-Cookie: u_pl=17058284; expires=Mon, 03 Oct 2022 21:40:16 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA1ODI4NCwiayI6IjgyZDg2MDBlYzcxODFkNmE4MTZhZWUxYTg2NjM1Y2M0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NjM1LCJwaWQiOjQ0MTU5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZXE3cDU1dWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmNhbG9ua3JlYXRvci5teS5pZC8ifX0.Cjj0uVZCj4kYmsCDUCu8s9uI0B-OjwlbQgQnGBFbFoo; expires=Sun, 02 Oct 2022 21:41:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 231445beb2eb941787984d403bcf5ba0
Strict-Transport-Security: max-age=0; includeSubdomains

dictatepantry.com/watch.37613485377.js?key=f870331c9511e75cee00859efae043b3&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=75a56852-a15b-457d-827a-672b3558b516%3A1%3A1&shu=68ae2e82f2697f0fa4e3ae8fdeb84eb854c942fc7573e43248cfd1a01234602b9436d1530f64e07d9bb8c7d731b4d0ad147cf1456ac8b9e133f52b2e635392971da36ce80a6464514c8b2b7fcd3d189b4d1c30fae661c7810ccb37e4b05c61c754&pst=1664746876&rmtc=t

173.233.137.52

200 OK

0 B

URL HTTP/1.1
dictatepantry.com/watch.37613485377.js?key=f870331c9511e75cee00859efae043b3&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=75a56852-a15b-457d-827a-672b3558b516%3A1%3A1&shu=68ae2e82f2697f0fa4e3ae8fdeb84eb854c942fc7573e43248cfd1a01234602b9436d1530f64e07d9bb8c7d731b4d0ad147cf1456ac8b9e133f52b2e635392971da36ce80a6464514c8b2b7fcd3d189b4d1c30fae661c7810ccb37e4b05c61c754&pst=1664746876&rmtc=t
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.37613485377.js?key=f870331c9511e75cee00859efae043b3&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=75a56852-a15b-457d-827a-672b3558b516%3A1%3A1&shu=68ae2e82f2697f0fa4e3ae8fdeb84eb854c942fc7573e43248cfd1a01234602b9436d1530f64e07d9bb8c7d731b4d0ad147cf1456ac8b9e133f52b2e635392971da36ce80a6464514c8b2b7fcd3d189b4d1c30fae661c7810ccb37e4b05c61c754&pst=1664746876&rmtc=t HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.calonkreator.my.id
Referer: https://www.calonkreator.my.id/
Connection: keep-alive
Cookie: u_pl=17058179; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA1ODE3OSwiayI6ImY4NzAzMzFjOTUxMWU3NWNlZTAwODU5ZWZhZTA0M2IzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NjM1LCJwaWQiOjQ0MTU5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ4N3BjN3R5MSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLyJ9fQ.X5qF4XBvJqcYREo3OSGHPZggx58fkrcR4pg7klDfeFk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 21:40:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.calonkreator.my.id
Access-Control-Allow-Origin: https://www.calonkreator.my.id
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=75a56852-a15b-457d-827a-672b3558b516:1:1; expires=Sun, 09 Oct 2022 21:40:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd5d4147b50ebde0112e923857f0f884
Strict-Transport-Security: max-age=0; includeSubdomains

selfemployedbalconycane.com/watch.1627987477442.js?key=82d8600ec7181d6a816aee1a86635cc4&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=b0f7fd5c-ec94-4dd8-8454-533e108b46a9%3A2%3A1&shu=5d1fd6bc02683c281092625ca998ae1773d144e055e626f9a6a15cc5fcae7d43e684630d16190fc3ac356389a5dfb6e2d7ae5187b92569550f85050cf93453cf0a9b27907c62068695082988501d1c50f79d28e6e9c48397c3f3f3a919d69bcf4c&pst=1664746876&rmtc=t

173.233.137.52

200 OK

0 B

URL HTTP/1.1
selfemployedbalconycane.com/watch.1627987477442.js?key=82d8600ec7181d6a816aee1a86635cc4&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=b0f7fd5c-ec94-4dd8-8454-533e108b46a9%3A2%3A1&shu=5d1fd6bc02683c281092625ca998ae1773d144e055e626f9a6a15cc5fcae7d43e684630d16190fc3ac356389a5dfb6e2d7ae5187b92569550f85050cf93453cf0a9b27907c62068695082988501d1c50f79d28e6e9c48397c3f3f3a919d69bcf4c&pst=1664746876&rmtc=t
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1627987477442.js?key=82d8600ec7181d6a816aee1a86635cc4&kw=%5B%22calon%22%2C%22kreator%22%5D&refer=https%3A%2F%2Fwww.calonkreator.my.id%2F&tz=0&dev=r&res=12.31&uuid=b0f7fd5c-ec94-4dd8-8454-533e108b46a9%3A2%3A1&shu=5d1fd6bc02683c281092625ca998ae1773d144e055e626f9a6a15cc5fcae7d43e684630d16190fc3ac356389a5dfb6e2d7ae5187b92569550f85050cf93453cf0a9b27907c62068695082988501d1c50f79d28e6e9c48397c3f3f3a919d69bcf4c&pst=1664746876&rmtc=t HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.calonkreator.my.id
Referer: https://www.calonkreator.my.id/
Connection: keep-alive
Cookie: u_pl=17058284; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA1ODI4NCwiayI6IjgyZDg2MDBlYzcxODFkNmE4MTZhZWUxYTg2NjM1Y2M0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODA0NjM1LCJwaWQiOjQ0MTU5OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZXE3cDU1dWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LmNhbG9ua3JlYXRvci5teS5pZC8ifX0.Cjj0uVZCj4kYmsCDUCu8s9uI0B-OjwlbQgQnGBFbFoo
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 21:40:16 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.calonkreator.my.id
Access-Control-Allow-Origin: https://www.calonkreator.my.id
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b0f7fd5c-ec94-4dd8-8454-533e108b46a9:2:1; expires=Sun, 09 Oct 2022 21:40:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a05f9866692fe2215c100273ff9368bd
Strict-Transport-Security: max-age=0; includeSubdomains

blogger.googleusercontent.com/img/a/AVvXsEgLhjOE38bFHFU3BAb-pI48O12ezAsKvDYwb99HzT8PA4YpvZqaYI-Ej0joEzWy1o_z63KgFelQFJhmDslHsRkTXzlXZChV8FnujNTibNOOqjV0k6NSec6UWodqC-1CmEZ6hfqJmX0Zf8tY-xHJ4N4AFZjFrXKmrxhVIMEdbeNLMgvQ_gt7g9w7aEI6aw=w250

142.250.74.33

200 OK

8.2 kB

URL HTTP/2
blogger.googleusercontent.com/img/a/AVvXsEgLhjOE38bFHFU3BAb-pI48O12ezAsKvDYwb99HzT8PA4YpvZqaYI-Ej0joEzWy1o_z63KgFelQFJhmDslHsRkTXzlXZChV8FnujNTibNOOqjV0k6NSec6UWodqC-1CmEZ6hfqJmX0Zf8tY-xHJ4N4AFZjFrXKmrxhVIMEdbeNLMgvQ_gt7g9w7aEI6aw=w250
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
PNG image data, 250 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size
8.2 kB (8244 bytes)
Hash
bb6626b552bf69522ea0a14480efc800
c5a99be2236a2bf2326a9a3c7e07bc2faba2f1c5
6090b6c8e153e02d45a30be5fe4e845550cda8bfa609e50785645a6dedc8496d

HTTP Headers

GET /img/a/AVvXsEgLhjOE38bFHFU3BAb-pI48O12ezAsKvDYwb99HzT8PA4YpvZqaYI-Ej0joEzWy1o_z63KgFelQFJhmDslHsRkTXzlXZChV8FnujNTibNOOqjV0k6NSec6UWodqC-1CmEZ6hfqJmX0Zf8tY-xHJ4N4AFZjFrXKmrxhVIMEdbeNLMgvQ_gt7g9w7aEI6aw=w250 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v4137"
expires: Mon, 03 Oct 2022 21:40:17 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="calon kreator.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 21:40:17 GMT
server: fife
content-length: 8244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c13a9bf4003891ab621ca04b258f9880
8b0fb77ebf4d31235c62a8f10b1b8e4b4f77ad77
eb06a3da143e66c58a0e707ecd9b2b0818adc44b0f4e5244ac62545be8db4dd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 21:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

udbaa.com/bnr.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1

185.66.200.220

200 OK

0 B

URL HTTP/2
udbaa.com/bnr.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bnr.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1 HTTP/1.1
Host: udbaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:15 GMT
content-type: application/javascript
expires: Sun, 02 Oct 2022 21:40:15 GMT
last-modified: Sun, 02 Oct 2022 21:40:15 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2

udbaa.com/bnr_xload.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1&xt=166474681574914&xtt=7777256

185.66.200.220

200 OK

0 B

URL HTTP/2
udbaa.com/bnr_xload.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1&xt=166474681574914&xtt=7777256
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bnr_xload.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1&xt=166474681574914&xtt=7777256 HTTP/1.1
Host: udbaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.calonkreator.my.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:15 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 02 Oct 2022 21:40:15 GMT
last-modified: Sun, 02 Oct 2022 21:40:15 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2706771=1; expires=Mon, 03-Oct-2022 04:00:00 GMT; Max-Age=22785; path=/; domain=udbaa.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Mon, 03-Oct-2022 04:00:00 GMT; Max-Age=22785; path=/; domain=udbaa.com; secure; HttpOnly; SameSite=None
cpa_673873=300x250_694312545_0; expires=Tue, 01-Nov-2022 21:40:15 GMT; Max-Age=2592000; path=/; domain=udbaa.com; secure; SameSite=None
X-Firefox-Spdy: h2

udbaa.com/show.php?u85251664746815=true&ad=673873&f=300x250&a=395578&cri=0&s=NDcxYjE0YWZmNzM0MTA3MzEzZDM5NzFkMDRlNWM1OTA=&u=186915&si=694312545&di=45801284&ci=16&h=9bf01bb130c3564cb556722d92aa5f17&cc=NO&https=1&useAf=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&ar=aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==

185.66.200.220

200 OK

0 B

URL HTTP/2
udbaa.com/show.php?u85251664746815=true&ad=673873&f=300x250&a=395578&cri=0&s=NDcxYjE0YWZmNzM0MTA3MzEzZDM5NzFkMDRlNWM1OTA=&u=186915&si=694312545&di=45801284&ci=16&h=9bf01bb130c3564cb556722d92aa5f17&cc=NO&https=1&useAf=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&ar=aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==
IP
185.66.200.220:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /show.php?u85251664746815=true&ad=673873&f=300x250&a=395578&cri=0&s=NDcxYjE0YWZmNzM0MTA3MzEzZDM5NzFkMDRlNWM1OTA=&u=186915&si=694312545&di=45801284&ci=16&h=9bf01bb130c3564cb556722d92aa5f17&cc=NO&https=1&useAf=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&ar=aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw== HTTP/1.1
Host: udbaa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udbaa.com/bnr_xload.php?section=General&pub=186915&format=300x50&ga=g&mbtodb=1&xt=166474681574914&xtt=7777256
Cookie: used_ad2706771=1; total_impressions=1; cpa_673873=300x250_694312545_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:16 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 02 Oct 2022 21:40:16 GMT
last-modified: Sun, 02 Oct 2022 21:40:16 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2

ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810

185.66.200.127

200 OK

0 B

URL HTTP/2
ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
IP
185.66.200.127:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /logo_n_small.png?1480628810 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udbaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:16 GMT
content-type: image/png
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
etag: W/"58409a4a-631"
expires: Tue, 01 Nov 2022 21:40:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2

ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCdkpirZApACikAAGjCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_16238&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&refferer=4279234485_aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5

185.66.201.8

200 OK

0 B

URL HTTP/2
ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCdkpirZApACikAAGjCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_16238&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&refferer=4279234485_aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5
IP
185.66.201.8:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCdkpirZApACikAAGjCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_16238&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&capSettings=dWRiYWEuY29tfDUwMDAwMHwyNHw1NTkxNw==&adApiR=loaded_string_5391935b0bce9d250429df012c0426f88d0bd_2706771_1664746815.793_88735&refferer=4279234485_aHR0cHM6Ly93d3cuY2Fsb25rcmVhdG9yLm15LmlkLw==&width=300&height=250&yxDom=dWRiYWEuY29t_d7c924559100542ab615824e09ff1aa5 HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udbaa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:16 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2

ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364

185.66.200.127

200 OK

0 B

URL HTTP/2
ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
IP
185.66.200.127:0
ASN
#201702 skHosting.eu s.r.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /aff/pub_s9c2nm.png?1480419364 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://udbaa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 21:40:16 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
etag: W/"583d6824-68a8"
expires: Tue, 01 Nov 2022 21:40:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2

calonkreator.my.id/

104.21.23.115

301 Moved Permanently

0 B

URL HTTP/2
calonkreator.my.id/
IP
104.21.23.115:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: calonkreator.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Sun, 02 Oct 2022 21:40:13 GMT
content-type: text/html; charset=UTF-8
location: https://www.calonkreator.my.id/
x-xss-protection: 0
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh%2B5KYYeQviIviCApKyeZUpBJfSsF5Y4txCY5ZgOl6wdJqcF5Q5Bz6Ipv94l6phEL5H%2B%2FVM25Esl96dMwjNIFovMnGAH%2FEiweohtTyaL05m2a2%2Bj%2F8dL%2FpkpS5JNTSUCs7sm9ko%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75409862df6db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations