track.bima-up.live/b6600672-d929-4e39-a8f5-09f0a778c711
302 0 B URL HTTP/1.1 track.bima-up.live/b6600672-d929-4e39-a8f5-09f0a778c711
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b6600672-d929-4e39-a8f5-09f0a778c711 HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Mon, 19 Sep 2022 04:59:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://lp.bima-up.live/bimabet-goo-rtp-slot-gacor/?cep=n4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14&lptoken=16b563905618535070b4
Pragma: no-cache
Set-Cookie: b6600672-d929-4e39-a8f5-09f0a778c711-v4=0HwYifod3tD-WUgNvSm406N05A6gBXfi-AR8ii_3XxM; Max-Age=86400; Expires=Tue, 20-Sep-2022 04:59:30 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
cep-v4=uOQ8T25-5Fx7HbCLPSDJ9YWKjfGGM7-T0uaPLXBTpDKjnFaBBMheIT8Fyllo9WRLTQICjh0la1DdOdIel8ZLgJ2_y10_2sLSwsivkVEEu5ZQ99-4yPLZ1Bd8guNbno-TUnuLQGt8Kg4r0dlPJPKEsQmdFDRlZeCqUG-PCa2x7d05LzvphQ1hYB2PSsNmH8hIWuHOSJ_KJtLAK9GbdS7XeEHdHQ9XuDIUPMOdXNFDPj8FaVxjgaMzRgld_rAYPUPO_6doXCz8JUujGHekSv4APNJVxn4DrvfP_KRhaYXp4DSNxn9OaP-7PwJPAJWsw0wevq9NstNvBwpDymRHh1WjXAJl8-zENeloyG1-8UEWPUk; Max-Age=86400; Expires=Tue, 20-Sep-2022 04:59:30 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 04:12:38 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: m0F5mbxCcFy4Ck1LV1apj_xVBKoJaWKsFgTl7xaCQsiESTv_qjrPww==
Age: 2812
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Mon, 19 Sep 2022 05:45:49 GMT
Date: Mon, 19 Sep 2022 04:59:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hirFv_q-TnwXC0vgCFIb3LGAe1i_WF7OJINcK6Upp9nW7eTYwoGLwA==
age: 1457
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:59:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 04:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 04:26:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BUyyQAbmgdfLya1ficGFsyPqvz1zg964BHlu2wyZQnPzGI93RsqKLw==
Age: 3368
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4091626fb9ffbb5b187e813bf06fe166
0ad889517ad99a526670a4bbdcdfe3c8b4bb8bbe
a92bb03d9ebb8eee6016abf9dd87112b0baa4841635e3e2bf33b1a34eaf8d5e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A92BB03D9EBB8EEE6016ABF9DD87112B0BAA4841635E3E2BF33B1A34EAF8D5E7"
Last-Modified: Sat, 17 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Sep 2022 10:59:30 GMT
Date: Mon, 19 Sep 2022 04:59:30 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4520
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:30 GMT
Last-Modified: Mon, 19 Sep 2022 03:44:10 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NzZXONqsFFh9pUKAZlM0Fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3Hu2ZXyAiZxV4SunLhxpfDGsH2c=
ocsp.pki.goog/s/gts1d4/RRMT1SlW1VU
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RRMT1SlW1VU
IP
Hash 2c051090c1c595930700f2031a30c89c
2857c679ef158c36fb77fb5f24adaf0bf3312cff
ad0368aaf25682b29611875f6a7999d39a18a8d102f54d54a987dd8c791626f4
POST /s/gts1d4/RRMT1SlW1VU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lp.bima-up.live/bimabet-goo-rtp-slot-gacor/?cep=n4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14&lptoken=16b563905618535070b4
200 OK 31 kB URL HTTP/2 lp.bima-up.live/bimabet-goo-rtp-slot-gacor/?cep=n4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14&lptoken=16b563905618535070b4
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (45992)
Hash f06f57d4826575cb7f28edbd2cbfc3d3
7c674324883b3dfa068dcead33bd3a1b3bde7383
858796953ba6748524a19b2254df57d57d3a8e6c142788d66967714d58b7a05e
GET /bimabet-goo-rtp-slot-gacor/?cep=n4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14&lptoken=16b563905618535070b4 HTTP/1.1
Host: lp.bima-up.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 19 Sep 2022 04:59:30 GMT
content-type: text/html
vary: Accept-Encoding
etag: W/"18d8f60518c01e21861d4b56ebc400cd"
last-modified: Mon, 01 Aug 2022 17:44:36 GMT
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
IP
File type ASCII text, with very long lines (17807)
Hash f4b779148388281c8ca5a446d5135524
b06d851f1be94fc597d2758979dba2456f1af530
0776be51e570780fd9e0056e15c3424a0e16855969436e66c759e51b7c14e89e
GET /gtag/js?id=G-DN42Q62RRE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 04:59:31 GMT
expires: Mon, 19 Sep 2022 04:59:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
200 OK 471 B IP
Hash c90472d89a1b853ad1b912ffd0bc2007
2653296412e80a6bb4b3a411a6df576e7fea0741
1b5a0973707d5170d2e08e88dc5836a5b2d18d3a85dc37753c6fa96f76532f09
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 04:59:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 20:32:16 GMT
Expires: Sat, 24 Sep 2022 20:32:15 GMT
Etag: "2653296412e80a6bb4b3a411a6df576e7fea0741"
Cache-Control: max-age=487363,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cfc0a0587ff134-ARN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash da1b7eec55c9145546157b147e94fa3b
45cccd3749b201c3c9cc1ce679654c6c399a99ff
863bd39c4b1ae719c32e5e743b160fd27dad8150b88d1746141e68d528dd3015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "863BD39C4B1AE719C32E5E743B160FD27DAD8150B88D1746141E68D528DD3015"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Mon, 19 Sep 2022 07:10:34 GMT
Date: Mon, 19 Sep 2022 04:59:31 GMT
Connection: keep-alive
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash a60fb8d0310032f18202339b27063aba
ae72db32211b37c7bd47c456b7c152878d9adab3
32507d4d1a4fd7ecf8e80e10cb43f626659c98ceb3355511357163353dd642d4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 04:59:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 18 Sep 2022 23:24:27 GMT
Expires: Mon, 19 Sep 2022 23:24:27 GMT
ETag: "ae72db32211b37c7bd47c456b7c152878d9adab3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
unphionetor.com/vctx?t=91302
204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=91302
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=91302 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 19 Sep 2022 04:59:31 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 68d44e444ded53e367f6fe28e3e14a9d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
track.bima-up.com/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1663563552408
200 OK 2.9 kB URL HTTP/2 track.bima-up.com/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1663563552408
IP
File type ASCII text, with very long lines (834)
Hash a021ea13e22f1c106db743c0fca6082f
4f4a3d7faca4f87bc5acf20a2b6c22793598be9b
680aac0441be32dec6b557dc5ff694658458a195d3684eeead5cbe1f68d891bb
GET /d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1663563552408 HTTP/1.1
Host: track.bima-up.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:59:31 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2862
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
js.center.io/center.js
200 OK 5.4 kB IP
File type ASCII text, with very long lines (566)
Hash 276609e3cfacad7622ab02bcd80a5f75
26fbc873773aada776b4cb2120a63130754f79ee
2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: f4f061de5cd3f625b8d9d80c71a14e2a
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Mon, 19 Sep 2022 04:59:31 GMT
expires: Mon, 19 Sep 2022 05:04:31 GMT
cache-control: public, max-age=300
etag: "OMWYXg"
content-type: application/javascript
age: 0
X-Firefox-Spdy: h2
js.center.io/identify.html
200 OK 2.0 kB URL HTTP/2 js.center.io/identify.html
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Hash c16ca7cb44a55621b5a53b8d3066ef99
9d19d037b0f6c1c12aa6cc3e378e13093272b0d3
9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: cc6a8cb1cd12dbf18ea73ab0cbe2904c
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Mon, 19 Sep 2022 04:57:00 GMT
expires: Mon, 19 Sep 2022 05:02:00 GMT
cache-control: public, max-age=300
age: 151
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/QloWlqJMKYnEI1AVFSu4c2BzD8D4GFAvx2fUDfesS6lr69LPJd-p2z2_b9zqGUAIQJbxpRAA-acb19gITVS3Tq5YLmmwyie3RBk=w16
200 OK 9.0 kB URL HTTP/2 lh3.googleusercontent.com/QloWlqJMKYnEI1AVFSu4c2BzD8D4GFAvx2fUDfesS6lr69LPJd-p2z2_b9zqGUAIQJbxpRAA-acb19gITVS3Tq5YLmmwyie3RBk=w16
IP
File type GIF image data, version 89a, 16 x 28\012- data
Hash 05d398c8b768d5fc76ac13b610dd56cc
c7c6ff1a53a7b2aa899d807fa5d0238e8422c083
26b90178d7d7bb70baf89c098cbf6fdccc184c7ce15d08b58a36c9b46852aef1
GET /QloWlqJMKYnEI1AVFSu4c2BzD8D4GFAvx2fUDfesS6lr69LPJd-p2z2_b9zqGUAIQJbxpRAA-acb19gITVS3Tq5YLmmwyie3RBk=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 9027
x-xss-protection: 0
date: Mon, 19 Sep 2022 04:59:31 GMT
expires: Fri, 16 Sep 2022 18:29:47 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/gif
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=91302&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 19 Sep 2022 04:59:31 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: b0ea1850d9c6404918ccb28323608cef
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 04:59:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b278b5e89ba9931029285b268f92da85
0e1d07dcba0b32cc25937244bd58a44eec039c57
44b51dfff34d85e041285ee0a642a3b3bdd3bf4bd81bd364ab224d66de6d73dc
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 04:59:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 18 Sep 2022 22:19:19 GMT
Expires: Mon, 19 Sep 2022 22:19:19 GMT
ETag: "0e1d07dcba0b32cc25937244bd58a44eec039c57"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe9e0&_p=333246209&cid=1120857876.1663563552&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663563552&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe9e0&_p=333246209&cid=1120857876.1663563552&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663563552&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DN42Q62RRE>m=2oe9e0&_p=333246209&cid=1120857876.1663563552&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663563552&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lp.bima-up.live
date: Mon, 19 Sep 2022 04:59:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b278b5e89ba9931029285b268f92da85
0e1d07dcba0b32cc25937244bd58a44eec039c57
44b51dfff34d85e041285ee0a642a3b3bdd3bf4bd81bd364ab224d66de6d73dc
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 19 Sep 2022 04:59:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 18 Sep 2022 22:19:19 GMT
Expires: Mon, 19 Sep 2022 22:19:19 GMT
ETag: "0e1d07dcba0b32cc25937244bd58a44eec039c57"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=BJ7vv3M3ZqRp5nC36RghbQ&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTZGLf8z6ZZk59fXonoSBV&sid=FU2tmvhT3dfwV6HKLpkDkD&cid=lp-BJ7vv3M3ZqRp5nC36RghbQ&uri=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&rf=&rx=1280&ry=939&tz=%2B00%3A00
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=BJ7vv3M3ZqRp5nC36RghbQ&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTZGLf8z6ZZk59fXonoSBV&sid=FU2tmvhT3dfwV6HKLpkDkD&cid=lp-BJ7vv3M3ZqRp5nC36RghbQ&uri=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&rf=&rx=1280&ry=939&tz=%2B00%3A00
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=BJ7vv3M3ZqRp5nC36RghbQ&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=QTZGLf8z6ZZk59fXonoSBV&sid=FU2tmvhT3dfwV6HKLpkDkD&cid=lp-BJ7vv3M3ZqRp5nC36RghbQ&uri=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3Dn4doGJuJBoNcKe26Ji9RCtwzCoEGnpIWQ95AyLFulLFOiiw_Vdc6i9Jv1DqhcjAztfiGb_PHrBYDON6FvrHLB4jUlAShJgjBbcXVvarSecAE-hf7sxsmjiCdQeHgBmEs6D9HEXUQC4YJkHoIxxRePlzVcEpfHAz4NgYvTt4WU65VUIrxQADWzNIx4y_OkMfrw-U6gnt2P9BbECV4bkOzKm4Bxy9Ofqg9WOx3uKOulfZGoTzDIJpZHLvk1JdF4Mr8jeIqXj1EWMxjzzT0iLZMS--XoFOkZQyamf8Dv5AICPCQVW5jDmjWy-W2JlmgFxIa61is5d37fgulMT97IgUuUOEIax1oBmzwdW5jt1ikl14%26lptoken%3D16b563905618535070b4&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.BJ7vv3M3ZqRp5nC36RghbQ=1663563572000; Domain=api.leadpages.io; expires=Tue, 20 Sep 2022 04:59:32 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
access-control-max-age: 600
x-request-id: 040egerdhvc20m75hau0
access-control-allow-origin: https://lp.bima-up.live
Date: Mon, 19 Sep 2022 04:59:32 GMT
Server: Stargate
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 91.90.42.154
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=30,431,249,737,0,747,1044,1058,1359,1361
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=30,431,249,737,0,747,1044,1058,1359,1361
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=30,431,249,737,0,747,1044,1058,1359,1361 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Server: Stargate
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
x-request-id: 040em511rl936dpkb520
Date: Mon, 19 Sep 2022 04:59:32 GMT
X-Forwarded-For: 91.90.42.154
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10045
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 04:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10045
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 04:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10045
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 04:59:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10045
Expires: Mon, 19 Sep 2022 07:46:57 GMT
Date: Mon, 19 Sep 2022 04:59:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 25339
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 25553
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:49:08 GMT
age: 76224
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 4533
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg
200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462834e36cc7d5121bad2761027522cd
e4884280d3e689c334c07e70eae59bb17c0a9d31
66c8c668434c712e8efa2cebfa68f5025b334185664b120fdcfc7a4a8939469c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4c47761-c610-4f71-a8f3-772d76380bc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3538
x-amzn-requestid: 438111ef-a7cf-427c-b3e1-ae551c7cce13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvYxEI7IAMFe7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202c37-6818efee4a1c0fc82d516d8a;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:07:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bXZq1mluA--mQCgQJAxvb6SKNhcqPyv43-J9tPnkhe9SZcCCUnQ_fw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:47:58 GMT
age: 25894
etag: "e4884280d3e689c334c07e70eae59bb17c0a9d31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcd68f4f4d0188a96a06b1793abf38e1
df40b195d24c1b58123c40f8b01294035c9076a5
6c8d53d76269c3f945cc28f3005bcdbbaf1a748a65a166db6c7161f382a47609
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff700a356-a9e1-4d17-b82b-cc825cbb09af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3375
x-amzn-requestid: 4827cdf6-5641-44cd-a076-d8b29bb34ffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSyFO0IAMF-Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790de-45acc6fe6064eb3f23e4ea77;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4PMLN0oWbDY1eqvGzUzXRC3u1gaJqh-uyYa9vKtcoXFqgbSO48R6dQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:56:42 GMT
age: 25370
etag: "df40b195d24c1b58123c40f8b01294035c9076a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=3520
204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=3520
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=91302&bid=undefined&aid=undefined&tp=3520 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 19 Sep 2022 04:59:33 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c29e83826c12c8f008ba597830ee5114
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=3AjHw3ZQy9JatUJHziwYmy&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=365,49,1,482
200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=3AjHw3ZQy9JatUJHziwYmy&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=365,49,1,482
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=3AjHw3ZQy9JatUJHziwYmy&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=365,49,1,482 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-allow-credentials: true
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
x-request-id: 040egfrqt6b5in9ljae0
access-control-allow-origin: https://lp.bima-up.live
Server: Stargate
Date: Mon, 19 Sep 2022 04:59:36 GMT
X-Forwarded-For: 91.90.42.154
propeller-tracking.com/fv.js?t=91302
200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=91302
IP
GET /fv.js?t=91302 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 04:59:31 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 66a94410991a041531d66bbad042d8b7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700
IP
GET /css?family=Fira+Sans:300,400,500,700|Montserrat:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 04:59:31 GMT
date: Mon, 19 Sep 2022 04:59:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
18.192.108.151
23.36.77.32
34.117.237.239
93.184.220.29
104.18.32.68