track.bima-up.live/de584bf5-dcdd-4a7a-b093-7d311597bc98
18.192.108.151302 0 B URL HTTP/1.1 track.bima-up.live/de584bf5-dcdd-4a7a-b093-7d311597bc98
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de584bf5-dcdd-4a7a-b093-7d311597bc98 HTTP/1.1
Host: track.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Mon, 30 Jan 2023 05:35:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://lp.bima-up.live/bimabet-goo-rtp-slot-gacor/?cep=OCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E&lptoken=16627587054c87192755
Pragma: no-cache
Set-Cookie: de584bf5-dcdd-4a7a-b093-7d311597bc98-v4=zgaVvizyCby3NPu978FzRFTcs1ppZ4DJHjYZiFCuEnc; Max-Age=86400; Expires=Tue, 31-Jan-2023 05:35:27 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
cep-v4=iLR53OB-SIfknhjM1u5fWYMWR77uOUQq1cBW2Y9FuIyPlmu05GOqBJsLG73ByzskxyAkSDsGPlILoYDdIuquSsfnHpj4fUStGQIUjSgmzs8KdIpROPpwhdFcaie6pgOl39F4jQEDUcyaMF9vKN28RFnACA3NES8cKGvWYrkHIr3V9jYXsMQbiSw73mBsQY4kq1Mp7FZULdWVgbSkWbnzjEN5JOZTVujEIw9A8le5xSq-lN1UhfV06g9LdUT-GtyAETvEpdRzhz07pw2DmjvO5y4nDyXPaqtOGmvTzIizetmVMbFTfnBXIiK0BakoZFja1Ub6aYnHxrD1LL6iGzXT6ptb0RvQu5ko2MQyOVcajFI; Max-Age=86400; Expires=Tue, 31-Jan-2023 05:35:27 GMT; Domain=track.bima-up.live; Path=/; HttpOnly
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7097
Expires: Mon, 30 Jan 2023 07:33:44 GMT
Date: Mon, 30 Jan 2023 05:35:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6509
Expires: Mon, 30 Jan 2023 07:23:56 GMT
Date: Mon, 30 Jan 2023 05:35:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 04:43:11 GMT
content-type: application/json
age: 3136
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9552
Expires: Mon, 30 Jan 2023 08:14:39 GMT
Date: Mon, 30 Jan 2023 05:35:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bpnRFehQWYHmGiYnrAMQ515duYS/6DK27KKSAm8TwHzr17FqmEicPTC3XPgwtRT8k2zpTPykQrU/kNTrAcWmYw==
x-amz-request-id: J3F6A1CHJXDM1419
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 05:21:40 GMT
age: 827
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 05:35:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9d8453299a9b12bbc3dd0388b9ac7563
0e16c8eca909c7db35b72e84745a7bb5814fb712
fb03906a3c348f4e546a0644907a4d479c95229b7dfc3d42256d4e2a1c8e553e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB03906A3C348F4E546A0644907A4D479C95229B7DFC3D42256D4E2A1C8E553E"
Last-Modified: Fri, 27 Jan 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=272
Expires: Mon, 30 Jan 2023 05:40:00 GMT
Date: Mon, 30 Jan 2023 05:35:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 04:41:41 GMT
age: 3227
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4858
Expires: Mon, 30 Jan 2023 06:56:26 GMT
Date: Mon, 30 Jan 2023 05:35:28 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP 142.250.74.131:0
Hash 2a027d1298a6cfc0c8587b1e723d33e1
bdf0209440561dac1dde229dd396b263438db564
53a2c9ddc283bc8d87ad8e04b2bf9b7d10f0234aafbb0926778bc26f5ca85aaf
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
34.107.203.240200 OK 15 kB URL HTTP/2 static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
IP 34.107.203.240:0
File type ASCII text, with very long lines (58749)
Hash f42272a0f636e716204c0bec503ba28c
2dfd630f7b31d442fb25aca978b26c0efe377481
3ede591eca234ade8e54d107d4b391129bdedff614876fd513ab94aaa0b7e7d4
GET /fonts/font-awesome/5.14.0/css/all.min.css HTTP/1.1
Host: static.leadpages.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
vary: Accept-Encoding
x-cloud-trace-context: dd8f98e0d0027c334bb00a2c35d7520a
content-encoding: gzip
server: Google Frontend
via: 1.1 google
content-length: 14628
date: Sun, 08 Jan 2023 08:11:06 GMT
expires: Mon, 08 Jan 2024 08:11:06 GMT
cache-control: public, max-age=31536000
age: 1891462
etag: "rvb96Q"
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-DN42Q62RRE
IP 142.250.74.168:0
File type ASCII text, with very long lines (19467)
Hash 07d6601e1ebd73208968348cc7c239ec
e3bbbe3d89148d1b59dbe022d4e384b21c577e1d
f2cab3c1844417c12c6f988d952f5d1542ba809eb05446b54d698e1e0a0051a3
GET /gtag/js?id=G-DN42Q62RRE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 05:35:28 GMT
expires: Mon, 30 Jan 2023 05:35:28 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/FnnVkHgPuNk
IP 142.250.74.131:0
Hash 2a027d1298a6cfc0c8587b1e723d33e1
bdf0209440561dac1dde229dd396b263438db564
53a2c9ddc283bc8d87ad8e04b2bf9b7d10f0234aafbb0926778bc26f5ca85aaf
POST /s/gts1d4/FnnVkHgPuNk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 163c81769cb3796185876ae84c820f48
f81ee1d4a647472c2f1d0e6c51c3339dec723908
74ee8c33a88f0c4bcb7fa66194a7969692047212483d10847395d6996ce5fed0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 05:35:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 08:20:01 GMT
Expires: Sun, 05 Feb 2023 08:20:00 GMT
Etag: "f81ee1d4a647472c2f1d0e6c51c3339dec723908"
Cache-Control: max-age=527671,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7917d82bdbdcb51b-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/WT_FO6-f4_k
IP 142.250.74.131:0
Hash 2f9838eea1b73b164e0172ff93df53b2
8ac8c910dd13f063c3a1ffd3d2400070a7c9d608
c68fe660249f2f6a91ef451fa84a48f34e61d5d4b6c8a9a2a75be7088f21f089
POST /s/gts1d4/WT_FO6-f4_k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.center.io/center.js
216.239.34.21200 OK 5.4 kB IP 216.239.34.21:0
File type ASCII text, with very long lines (566)
Hash 276609e3cfacad7622ab02bcd80a5f75
26fbc873773aada776b4cb2120a63130754f79ee
2037635942b2f0bde97187a1e26846a90f1c3e4944d5673b1be2a8d4376f2f9c
GET /center.js HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-cloud-trace-context: 095565d2c3b191b5008e441d5a90c192
content-encoding: gzip
server: Google Frontend
content-length: 5417
date: Mon, 30 Jan 2023 05:32:55 GMT
expires: Mon, 30 Jan 2023 05:37:55 GMT
cache-control: public, max-age=300
age: 153
etag: "OMWYXg"
content-type: application/javascript
X-Firefox-Spdy: h2
js.center.io/identify.html
216.239.34.21200 OK 2.0 kB URL HTTP/2 js.center.io/identify.html
IP 216.239.34.21:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (612)
Hash c16ca7cb44a55621b5a53b8d3066ef99
9d19d037b0f6c1c12aa6cc3e378e13093272b0d3
9fb2d501b3b8e18a65f3eff4634517306fe997abb6dc3d821216bf33e3e91f3a
GET /identify.html HTTP/1.1
Host: js.center.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-cloud-trace-context: aaca03e3683d28993cc45f535291142e
content-encoding: gzip
server: Google Frontend
content-length: 2016
date: Mon, 30 Jan 2023 05:31:53 GMT
expires: Mon, 30 Jan 2023 05:36:53 GMT
cache-control: public, max-age=300
age: 215
etag: "OMWYXg"
content-type: text/html
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f536b668e57fbc75c741e46ec9520d5d
cd0fd188d2d52254cb9971f855f59aaf31b84244
54229b773e7ed7aad984653813df88623eeebf15fa67c07dbc6531d376b8ae00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54229B773E7ED7AAD984653813DF88623EEEBF15FA67C07DBC6531D376B8AE00"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1913
Expires: Mon, 30 Jan 2023 06:07:21 GMT
Date: Mon, 30 Jan 2023 05:35:28 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.219.22101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.219.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: puu2/8H3p6bG8vcScr1FcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: stfwhjqzZpXSq9xqvSDR7H9UHUs=
unphionetor.com/vctx?t=91302
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=91302
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=91302 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 05:35:28 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 246352639d43031785355911da60a2e8
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
track.bima-up.com/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1675056939410
18.192.108.151200 OK 2.9 kB URL HTTP/2 track.bima-up.com/d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1675056939410
IP 18.192.108.151:0
File type ASCII text, with very long lines (834)
Hash 9422973036274aad33375718af060707
df400838175cbcf9be7908599aaba98b2b97f2bf
9c361171802f38ad2e2912cc0267e9c5000b7dab84f25af87715269fcf2c3bfb
GET /d/.js?lpref=&lpurl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&lpt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&vtm=1675056939410 HTTP/1.1
Host: track.bima-up.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 05:35:28 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2862
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/QloWlqJMKYnEI1AVFSu4c2BzD8D4GFAvx2fUDfesS6lr69LPJd-p2z2_b9zqGUAIQJbxpRAA-acb19gITVS3Tq5YLmmwyie3RBk=w16
142.250.74.97200 OK 9.0 kB URL HTTP/2 lh3.googleusercontent.com/QloWlqJMKYnEI1AVFSu4c2BzD8D4GFAvx2fUDfesS6lr69LPJd-p2z2_b9zqGUAIQJbxpRAA-acb19gITVS3Tq5YLmmwyie3RBk=w16
IP 142.250.74.97:0
File type GIF image data, version 89a, 16 x 28\012- data
Hash 05d398c8b768d5fc76ac13b610dd56cc
c7c6ff1a53a7b2aa899d807fa5d0238e8422c083
26b90178d7d7bb70baf89c098cbf6fdccc184c7ce15d08b58a36c9b46852aef1
GET /QloWlqJMKYnEI1AVFSu4c2BzD8D4GFAvx2fUDfesS6lr69LPJd-p2z2_b9zqGUAIQJbxpRAA-acb19gITVS3Tq5YLmmwyie3RBk=w16 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.gif"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 9027
x-xss-protection: 0
date: Mon, 30 Jan 2023 03:16:15 GMT
expires: Fri, 27 Jan 2023 02:20:44 GMT
cache-control: public, max-age=86400, no-transform
age: 8354
etag: "v1"
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=91302&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=91302&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 05:35:29 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 34e6b2ddcfb90a26044cf61b557d8b5b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 05:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash d2642e1705371e4ba3d998d6ead60c8f
e03cf085526f8ff2a4111c09e4e8eaa5e152ffa2
8ce36b9f0283655f2317b5e3cea1ae6071b8f34c50594aea77129e0fa9ab2d22
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 30 Jan 2023 05:35:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 30 Jan 2023 03:10:32 GMT
Expires: Tue, 31 Jan 2023 03:10:32 GMT
ETag: "e03cf085526f8ff2a4111c09e4e8eaa5e152ffa2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=BJ7vv3M3ZqRp5nC36RghbQ&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=8MiPySnbET4fvZvt5KetM6&sid=sWTWmk4AWKTtYKaBrx4yqe&cid=lp-BJ7vv3M3ZqRp5nC36RghbQ&uri=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&rf=&rx=1280&ry=939&tz=%2B00%3A00
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=BJ7vv3M3ZqRp5nC36RghbQ&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=8MiPySnbET4fvZvt5KetM6&sid=sWTWmk4AWKTtYKaBrx4yqe&cid=lp-BJ7vv3M3ZqRp5nC36RghbQ&uri=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&rf=&rx=1280&ry=939&tz=%2B00%3A00
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/events/capture?k=view&a=leadpage&l=BJ7vv3M3ZqRp5nC36RghbQ&v=&e=&st=&lc=en-US&pid=AEbxHzGYBGpmqeMEqpLZnR-default-prop&uid=8MiPySnbET4fvZvt5KetM6&sid=sWTWmk4AWKTtYKaBrx4yqe&cid=lp-BJ7vv3M3ZqRp5nC36RghbQ&uri=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&rf=&rx=1280&ry=939&tz=%2B00%3A00 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
set-cookie: view.AEbxHzGYBGpmqeMEqpLZnR-default-prop.BJ7vv3M3ZqRp5nC36RghbQ=1675056929000; Domain=api.leadpages.io; expires=Tue, 31 Jan 2023 05:35:29 GMT; httponly; Max-Age=86400; Path=/analytics/v1/events/capture; SameSite=None; secure
access-control-allow-credentials: true
x-request-id: 06m2tgdrm5te4fk1sntg
Server: Stargate
Date: Mon, 30 Jan 2023 05:35:29 GMT
access-control-allow-origin: https://lp.bima-up.live
X-Forwarded-For: 91.90.42.154
region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1p0&_p=453205477&cid=831058163.1675056939&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675056939&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1p0&_p=453205477&cid=831058163.1675056939&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675056939&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DN42Q62RRE>m=2oe1p0&_p=453205477&cid=831058163.1675056939&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675056939&sct=1&seg=0&dl=https%3A%2F%2Flp.bima-up.live%2Fbimabet-goo-rtp-slot-gacor%2F%3Fcep%3DOCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E%26lptoken%3D16627587054c87192755&dt=BimaBet%20-%20Anda%20Menang%2C%20Kami%20Bayar!%20Tanpa%20Basa-Basi!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lp.bima-up.live
date: Mon, 30 Jan 2023 05:35:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=54,267,251,600,0,613,904,908,1242,1243
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=54,267,251,600,0,613,904,908,1242,1243
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=54,267,251,600,0,613,904,908,1242,1243 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
x-request-id: 06m2tgf6d50de6vt90p0
Server: Stargate
Date: Mon, 30 Jan 2023 05:35:29 GMT
X-Forwarded-For: 91.90.42.154
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16738
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 05:35:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16738
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 05:35:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16738
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 05:35:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16738
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 05:35:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16738
Expires: Mon, 30 Jan 2023 10:14:28 GMT
Date: Mon, 30 Jan 2023 05:35:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 43174
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 26793
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ce4f845d4cdd467b4c82d8fbeb9ae0b
68257cdadb6e13a8f7f5e2354aca225286107a79
243b58df1616fd8b78c11302dbf90c97ecb6a3b289abe5f3439252cdbf304892
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 2b8949c8-5c97-49f5-8784-85daa42adff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4NF1moAMFQ9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e69a-2ab06022306835b013c1e46f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rhWnoHh5bILzb5MAI88JvXr6MGkRKHOT5L10I8VJkjjfN-Iuupva2Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:22 GMT
age: 26168
etag: "68257cdadb6e13a8f7f5e2354aca225286107a79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 26625
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 27658
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 27363
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=3398
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=91302&bid=undefined&aid=undefined&tp=3398
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=91302&bid=undefined&aid=undefined&tp=3398 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 05:35:30 GMT
access-control-allow-origin: https://lp.bima-up.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: cbbf1e98762f4b36ac9a9d290d3b606d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=nbX7oV8QXCWmTB6oosJy3u&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=139,56,1,524
35.192.151.63200 OK 35 B URL HTTP/1.1 api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=nbX7oV8QXCWmTB6oosJy3u&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=139,56,1,524
IP 35.192.151.63:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /analytics/v1/observations/capture?version=1.8.6&correlateBy=nbX7oV8QXCWmTB6oosJy3u&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=139,56,1,524 HTTP/1.1
Host: api.leadpages.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lp.bima-up.live
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
access-control-expose-headers: LP-Security-Token
access-control-max-age: 600
access-control-allow-origin: https://lp.bima-up.live
x-request-id: 06m2the9leb2ju4kcilg
Server: Stargate
Date: Mon, 30 Jan 2023 05:35:33 GMT
access-control-allow-credentials: true
X-Forwarded-For: 91.90.42.154
lp.bima-up.live/bimabet-goo-rtp-slot-gacor/?cep=OCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E&lptoken=16627587054c87192755
35.202.21.90200 OK 0 B URL HTTP/2 lp.bima-up.live/bimabet-goo-rtp-slot-gacor/?cep=OCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E&lptoken=16627587054c87192755
IP 35.202.21.90:0
GET /bimabet-goo-rtp-slot-gacor/?cep=OCPgPPNavnS1OsoXV1_dKhNVLJ0JhQxgoPpJFsmq0hFErukr6yQbLGXOB69WzTfd0lruO5GlSwJy9VVwVfLdokpe1o5Q3b-9T3m5mlzaCmEcQFiEGXuQUycpPrt13Tt5ZwBNFc6ea2CEld7MpBPAI1zVxjlZb_12D5jgMlXuglwYkX5ciLDmzflsoZkNq5HqJlTsVUVVpAK5vjoBU6-3nEyrSdRVtdD55okr5Gss737D69ZNOzPKbfsbHTMgAiG6Gy3qrFrV5r6jbDe2fPebwuN2qAo--xlFUIRDF5sXlJlMRKaAUArW4GUpIkZZOnIRAVncT9YDqeF6T_SQfTxAD4ESpPW5zYBCM3TlNsBcA4E&lptoken=16627587054c87192755 HTTP/1.1
Host: lp.bima-up.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 05:35:28 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 01 Aug 2022 17:44:36 GMT
etag: W/"18d8f60518c01e21861d4b56ebc400cd"
x-cache: MISS, HIT
cache-control: no-cache
server: Leadpages
strict-transport-security: max-age=15768000
content-encoding: br
X-Firefox-Spdy: h2
propeller-tracking.com/fv.js?t=91302
139.45.197.240200 OK 0 B URL HTTP/2 propeller-tracking.com/fv.js?t=91302
IP 139.45.197.240:0
GET /fv.js?t=91302 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lp.bima-up.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 05:35:28 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 16d885cf881b5f5bce423c0eb1be454f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2